w3snoop.com Open in urlscan Pro
18.159.80.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://w3snoop.com/
Submission: On December 29 via manual (December 29th 2021, 9:38:11 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 63 HTTP transactions. The main IP is 18.159.80.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is w3snoop.com.

This is the only time w3snoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	18.159.80.129 18.159.80.129	16509 (AMAZON-02) (AMAZON-02)
1 6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:a1d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	2600:9000:214... 2600:9000:214f:1400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	51.75.146.199 51.75.146.199	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
63	20

20 18.159.80.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

w3snoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a1d1 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:1400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.199 (France)

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	w3snoop.com w3snoop.com	284 KB
13	googlesyndication.com pagead2.googlesyndication.com a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com tpc.googlesyndication.com	65 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	187 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	44 KB
4	amazon-adsystem.com c.amazon-adsystem.com	41 KB
3	google.com 1 redirects adservice.google.com www.google.com	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	id5-sync.com cdn.id5-sync.com id5-sync.com	11 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	google.co.uk adservice.google.co.uk	792 B
1	ezoic.net go.ezoic.net	2 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	ezodn.com go.ezodn.com	108 KB
63	14

	Domain	Requested by
20	w3snoop.com	w3snoop.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	1 redirects w3snoop.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c.amazon-adsystem.com	w3snoop.com c.amazon-adsystem.com
3	www.gstatic.com	a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
3	fonts.googleapis.com	w3snoop.com a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	go.ezoic.net	w3snoop.com
1	cdn.id5-sync.com	w3snoop.com
1	www.googletagmanager.com	w3snoop.com
1	go.ezodn.com	w3snoop.com
63	20

This site contains links to these domains. Also see Links.

Domain
google.com.w3snoop.com
youtube.com.w3snoop.com
tmall.com.w3snoop.com
qq.com.w3snoop.com
baidu.com.w3snoop.com
sohu.com.w3snoop.com
facebook.com.w3snoop.com
taobao.com.w3snoop.com
360.cn.w3snoop.com
amazon.com.w3snoop.com
pronhub.net.w3snoop.com
proptexx.com.w3snoop.com
180sites.com.w3snoop.com
boxbrownie.com.w3snoop.com
steamunlocked.net.w3snoop.com
upstore.net.w3snoop.com
dvla.gov.uk.w3snoop.com
infochannel.info.w3snoop.com
dramacool.sk.w3snoop.com
consumotic.mx.w3snoop.com
liveappsearch.com.w3snoop.com
shahavani.com.w3snoop.com
watch321.com.w3snoop.com
baihe.com.w3snoop.com
8xlinks.mobi.w3snoop.com
bnmla.com.w3snoop.com
userdrive.com.w3snoop.com
moviz4u.in.w3snoop.com
sdmoviepoints.com.w3snoop.com
zapatopi.net.w3snoop.com
facebook.com
www.ezoic.com

Subject Issuer	Validity	Valid
w3snoop.com R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://w3snoop.com/
Frame ID: 7EB8A4E6C14C266E632AC7A2883D25D1
Requests: 46 HTTP requests in this frame

Frame: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D582EDA2F723520E9F1092FC870CC396
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9DAA964A434AAFE1D38C450951023ED5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08E7F5B28B2E4CB05B6E5EFABEABA0ED
Requests: 2 HTTP requests in this frame

Frame: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BD61A6192DBF2BFC13A44F867C9EBC6E
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 798CA73E519635FCAAE8AAB8041D4B82
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56130BE7B48DB6F644C9F9B1F5C58A38
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

W3 Snoop - Snoop any website!

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

63
Requests

68 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

840 kB
Transfer

2478 kB
Size

21
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://google.com.w3snoop.com/
Title: google.com

Search URL Search Domain Scan URL

URL: https://youtube.com.w3snoop.com/
Title: youtube.com

Search URL Search Domain Scan URL

URL: https://tmall.com.w3snoop.com/
Title: tmall.com

Search URL Search Domain Scan URL

URL: https://qq.com.w3snoop.com/
Title: qq.com

Search URL Search Domain Scan URL

URL: https://baidu.com.w3snoop.com/
Title: baidu.com

Search URL Search Domain Scan URL

URL: https://sohu.com.w3snoop.com/
Title: sohu.com

Search URL Search Domain Scan URL

URL: https://facebook.com.w3snoop.com/
Title: facebook.com

Search URL Search Domain Scan URL

URL: https://taobao.com.w3snoop.com/
Title: taobao.com

Search URL Search Domain Scan URL

URL: https://360.cn.w3snoop.com/
Title: 360.cn

Search URL Search Domain Scan URL

URL: https://amazon.com.w3snoop.com/
Title: amazon.com

Search URL Search Domain Scan URL

URL: https://pronhub.net.w3snoop.com/
Title: pronhub.net

Search URL Search Domain Scan URL

URL: https://proptexx.com.w3snoop.com/
Title: proptexx.com

Search URL Search Domain Scan URL

URL: https://180sites.com.w3snoop.com/
Title: 180sites.com

Search URL Search Domain Scan URL

URL: https://boxbrownie.com.w3snoop.com/
Title: boxbrownie.com

Search URL Search Domain Scan URL

URL: https://steamunlocked.net.w3snoop.com/
Title: steamunlocked.net

Search URL Search Domain Scan URL

URL: https://upstore.net.w3snoop.com/
Title: upstore.net

Search URL Search Domain Scan URL

URL: http://dvla.gov.uk.w3snoop.com/
Title: dvla.gov.uk

Search URL Search Domain Scan URL

URL: https://infochannel.info.w3snoop.com/
Title: infochannel.info

Search URL Search Domain Scan URL

URL: https://dramacool.sk.w3snoop.com/
Title: dramacool.sk

Search URL Search Domain Scan URL

URL: https://consumotic.mx.w3snoop.com/
Title: consumotic.mx

Search URL Search Domain Scan URL

URL: https://liveappsearch.com.w3snoop.com/
Title: liveappsearch.com

Search URL Search Domain Scan URL

URL: https://shahavani.com.w3snoop.com/
Title: shahavani.com

Search URL Search Domain Scan URL

URL: https://watch321.com.w3snoop.com/
Title: watch321.com

Search URL Search Domain Scan URL

URL: https://baihe.com.w3snoop.com/
Title: baihe.com

Search URL Search Domain Scan URL

URL: https://8xlinks.mobi.w3snoop.com/
Title: 8xlinks.mobi

Search URL Search Domain Scan URL

URL: https://bnmla.com.w3snoop.com/
Title: bnmla.com

Search URL Search Domain Scan URL

URL: https://userdrive.com.w3snoop.com/
Title: userdrive.com

Search URL Search Domain Scan URL

URL: http://moviz4u.in.w3snoop.com/
Title: moviz4u.in

Search URL Search Domain Scan URL

URL: https://sdmoviepoints.com.w3snoop.com/
Title: sdmoviepoints.com

Search URL Search Domain Scan URL

URL: https://zapatopi.net.w3snoop.com/
Title: zapatopi.net

Search URL Search Domain Scan URL

URL: https://facebook.com/w3snoop

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 20

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

63 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
w3snoop.com/ 88 KB
25 KB 421ms
407ms Document
text/html 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://w3snoop.com/

Protocol

HTTP/1.1

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9ca39dc95cd0c5de57ac55fee382dc528e94630f6595f45edbfae5e43153da38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Dec 2021 21:38:06 GMT
Display: pub_site_sol
Etag: W/"61cc4f92-390a-gzip"
Expires: Tue, 28 Dec 2021 21:38:06 GMT
Last-Modified: Wed, 29 Dec 2021 12:07:46 GMT
Pagespeed: off
Response: 200
Server: nginx
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Ez-Minify-Html: 6.71% 85941 / 92124
X-Frame-Options: SAMEORIGIN
X-Middleton-Display: pub_site_sol
X-Middleton-Response: 200
X-Sol: pub_site
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

78 KB
27 KB

47ms
26ms

Script
text/javascript

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1086 / 482 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Dec 2021 21:38:06 GMT

Redirect headers

Date: Wed, 29 Dec 2021 21:32:33 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 333
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Wed, 29 Dec 2021 22:02:33 GMT

GET
H/1.1 200
OK dall.js Show response
go.ezodn.com/hb/ 362 KB
108 KB 63ms
46ms Script
application/javascript 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://go.ezodn.com/hb/dall.js?b=adyoulike,amx,ix,medianet,onetag,pubmatic,pulsepoint,rhythmone,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-32
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd08b268f597f39e5f54945d26faeea6a016f0f16a0613ef33c0ab2e2773ea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:06 GMT
content-encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 29 Dec 2021 21:38:06 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKkUxZgBpM5haySc8P3%2BOrrjaqx35QRMmk27%2Bj1fLo1PKjciQl3ga4enzNkUlxi61bZ3U3E4ZvVX0ciUduSquQiOdy41I08iCq3Pz7CrfaT6fcXVHLlvu4pD5QUgYu%2BNjWqYgNwkc3tPiJI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c562c668faa4ac3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 13ms
7ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
Content-Encoding: gzip
ETag: 1e39d25f07f5619925357b752ab10d04
Age: 142
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: Server
x-amz-rid: 0P58CK5CH6MPMRAJ2K8Q
Date: Wed, 29 Dec 2021 21:35:44 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
Cache-Control: public, max-age=900
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vgD3apAiJYexEH4z61jJcy-xC9gR-Ea9YfS6zdajz_Qvc1mdGKzsPw==

GET
H2 200 app.css
w3snoop.com/css/ 27 KB
6 KB 411ms
386ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w3snoop.com/css/app.css?ez_used_css_s=17

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b7cd9dfcbe5985af9d5ec32bbdfcc8aaee61aba8378d1aa937cd11227a625ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-xss-protection: 1; mode=block
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ec50a0d-8c9a-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 app.js Show response
w3snoop.com/js/ 505 KB
152 KB 1246ms
1221ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w3snoop.com/js/app.js?v=6

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b1fd003241addf4bc00b090f2bf310d957b30536c3cb84680563ac7fd8d25805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-xss-protection: 1; mode=block
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe3a4d-7e222-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
x-ez-minify-js: 0.00% 516642 / 516642
expires: Sat, 01 Jan 2022 21:38:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123359880-1

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32df3e1b5e01eb956d7ea17009afa83a186574c8050fbcda1dc7d10a1630657d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36180
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 21:38:06 GMT

GET
H/1.1 200
OK consentsettings.js Show response
w3snoop.com/detroitchicago/ 1 KB
965 B 10ms
10ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/consentsettings.js?cb=2
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Dec 2021 05:43:17 GMT
Server: nginx
Etag: "5be-5d4426a229a5e;5c701b9c2cf40-gzip"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 587

GET
H2 200 logo.png
w3snoop.com/images/interface/ 25 KB
11 KB 437ms
436ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3snoop.com/images/interface/logo.png

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d3d0691529584a990bbfe5c69c8e6830d63a35527415bc77368f99ee18707c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
display: staticcontent_sol
etag: "5e49f91d-6397-gzip"
x-frame-options: SAMEORIGIN
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
x-middleton-response: 200
vary: Accept-Encoding, Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK banger.js Show response
w3snoop.com/porpoiseant/ 53 KB
13 KB 14ms
13ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/porpoiseant/banger.js?cb=195-7&bv=93&v=57&PageSpeed=off
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 953c30c206b021f7cc294421bc798b2877bd33e1caf0adaf1f4f9fddc9aece26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Robots-Tag: noindex

GET
H/1.1 200
OK ezcl.webp Show response
w3snoop.com/utilcave_com/inc/ 1 KB
2 KB 25ms
19ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:06 GMT
X-Sol: middleton
Server: nginx
Display: staticcontent_sol
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: staticcontent_sol
Cache-Control: max-age=86400
X-Ez-Minify-Js: 0.00% 1337 / 1337
Content-Length: 1337

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: w3snoop.com
URL: https://w3snoop.com/css/app.css?ez_used_css_s=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 21:38:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 21:38:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 21:38:06 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
739 B 28ms
10ms XHR
application/json 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fw3snoop.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 19:27:11 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
server: Server
age: 7855
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://w3snoop.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-length: 385
x-amz-cf-id: bUjqP28ANfrMjUYwmuCK5Mjo_2xo25FZkEL1_LOQUCC6ZmvfDmS-5w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 65ms
52ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fw3snoop.com%2F&pid=CGJkhBkwc7Awf&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-3-0%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-1-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-medrectangle-1%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C89dda44f243a7dcabff588800a1bcd4f%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:06 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: HX8EJS6ZRQD1DCQYV3NP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://w3snoop.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: mPsqzfM13sh_L-2-E55bdELKraLBaQCfWn1nENaJHVGDsYBb8QDSSQ==

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 227ms
222ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
X-Amz-Cf-Pop: FRA56-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 22 Dec 2021 01:41:37 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
Via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Content-Type: application/javascript
X-Amz-Cf-Id: 6fXnFvXnhVihVF-J_qSbkb0zVypzZSu8ZzTuV6aDZ2dVd3lma7ozzw==

GET
H/1.1 200
OK cmbv2.js Show response
w3snoop.com/detroitchicago/ 86 KB
26 KB 46ms
41ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7e73dbc5e80ebea2bbadea11f37f99ee2b8924c4a837dc08d3571693b8a8a6f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public, max-age=31536000, public
Transfer-Encoding: chunked
X-Robots-Tag: noindex

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://w3snoop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 460698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 28ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://w3snoop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 13307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 17:56:19 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 22ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Dec 2021 21:38:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
113 B 31ms
15ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=w3snoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

df284f49648bc1773d5355d800f10b758d2248e7d8ab3112c7f93f088c9c5c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 21:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88
x-xss-protection: 0
expires: Wed, 29 Dec 2021 21:38:06 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55d4281576433134d8b17334e25dc390a6062aee7a6da5ceab383a407c660855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

37 KB
10 KB

44ms
9ms

Script
text/javascript

46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 29 Dec 2021 21:13:46 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10430
x-request-id: 447643882

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS

GET
H2 200 url.png
w3snoop.com/images/icons/ 375 B
511 B 366ms
366ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3snoop.com/images/icons/url.png

Requested by

Host: w3snoop.com
URL: https://w3snoop.com/css/app.css?ez_used_css_s=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

544a07ea785fbf3038bff6880b444664138c3aa00e89858cf9fb9c76e2bc94f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3snoop.com/css/app.css?ez_used_css_s=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
content-length: 379
x-xss-protection: 1; mode=block
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e49f91d-177-gzip"
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000

GET
H/1.1 200
OK houston.js Show response
w3snoop.com/detroitchicago/ 4 KB
2 KB 11ms
11ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/houston.js?gcb=7&cb=16
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public
X-Robots-Tag: noindex
Content-Length: 1459

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 55ms
7ms Image
image/png 2600:9000:214f:1400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 07:27:28 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
x-sol: middleton
age: 223839
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: UAJcjikx77FAlhDAxECD7jH1TwsE2iHt1z2aEdo3cgq91iL34yR0sg==
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
display: staticcontent_sol
expires: Mon, 03 Jan 2022 07:27:28 GMT

GET
H/1.1 200
OK nmash.js
w3snoop.com/porpoiseant/ 24 KB
6 KB 12ms
12ms Other
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/porpoiseant/nmash.js?v=93
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Dec 2021 23:12:18 GMT
Server: nginx
Etag: "6003-5d43cf3e8c070;5c701b9c2cf40-gzip"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-Robots-Tag: noindex

GET
H/1.1 200
OK imp.gif Show response
w3snoop.com/detroitchicago/ 43 B
370 B 17ms
17ms XHR
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%226%2C3%2C2%2C5%2C1%2C4%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A86868%2C%22domain_test_group%22%3A20210303%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22619%22%2C%22iab_category_2%22%3A%2258%22%2C%22iab_category_3%22%3A%2253%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1118%2C1121%2C1136%2C1142%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%220e6f4be8-af5a-4af8-6146-336966255839%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260313%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A14602%2C%22response_time_orig%22%3A173%2C%22serverid%22%3A%2218.192.3.91%3A27244%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1118%2C1121%2C1136%2C1142%22%2C%22t_epoch%22%3A1640813886%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Fw3snoop.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A299%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:07 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: imp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Tue, 28 Dec 2021 21:38:06 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 app.css
w3snoop.com/css/ 27 KB
27 KB 679ms
678ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3snoop.com/css/app.css?ez_used_css_s=17

Requested by

Host: w3snoop.com
URL: http://w3snoop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-xss-protection: 1; mode=block
response: 200
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ec50a0d-8c9a-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: text/css
cache-control: public, max-age=31536000

GET
H/1.1 200
OK cmbdv2.js Show response
w3snoop.com/detroitchicago/ 47 KB
12 KB 17ms
16ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/cmbdv2.js?gcb=195-7&cb=03-5y0c-5y18-4y35-23y58-21&cmbcb=20&sj=x03x0cx18x35x58
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f4713b0b38d1191bce32a595e82a19faf3c1bdab050e0853ccd9bed58cb4bcfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public, max-age=31536000, public
Transfer-Encoding: chunked
X-Robots-Tag: noindex

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123359880-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 193
date: Wed, 29 Dec 2021 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 23:34:54 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 213 B
528 B 98ms
24ms XHR
application/json 51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

74baa76684bc1d6e9929a2de4f56e61ce05319b32e72a4c9685a248857ea3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://w3snoop.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://w3snoop.com
Date: Wed, 29 Dec 2021 21:38:06 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1691770639&t=pageview&_s=1&dl=http%3A%2F%2Fw3snoop.com%2F&ul=en-us&de=UTF-8&dt=W3%20Snoop%20-%20Snoop%20any%20website!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=678068517&gjid=1844440130&cid=865095631.1640813887&tid=UA-123359880-1&_gid=1353659580.1640813887&_r=1&gtm=2ouc10&z=1230431319

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://w3snoop.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 21:38:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://w3snoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=w3snoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=w3snoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
30 KB 417ms
416ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2782220042437421&correlator=4130429535327538&output=ldjh&impl=fifs&eid=31061814%2C31063378%2C44756717&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211229&iu_parts=1254144%3A15511903%2Cw3snoop_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ga%3D2497208%26tap%3Dw3snoop_com-pixel1-8330882913297631%26ezoic%3D1%26ap%3D9999%26iid1%3D8330882913297631%26bra%3Dmod13-c&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1640779666&dt=1640813888002&dlt=1640813886443&idt=582&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=1377911083&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fw3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=865095631.1640813887&ga_sid=1640813888&ga_hid=1691770639&ga_fc=true&fws=2&ohw=0&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

47e4894fbcc2aa22238784b488b9297ccc8099114eb2b442181c2440ab68cae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30743
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://w3snoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 62ms
27ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

109d592765e1cf9eadfc84b719323564f572bcb51c52738d54c9f19313d5977e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8518
x-xss-protection: 0

GET
H2 200 container.html Show response
a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D582 6 KB
4 KB 78ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 21:38:08 GMT
expires: Thu, 29 Dec 2022 21:38:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 15ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Dec 2021 21:38:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 29 Dec 2021 21:38:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9DAA 13 KB
5 KB 24ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 29 Dec 2021 21:02:15 GMT
expires: Thu, 29 Dec 2022 21:02:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 08E7 783 B
1 KB 37ms
15ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad7971778b16709fcfad7f8ab72f0a537303f9912324a2eb7a2b03ef81094cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2wIHzXhfG+5JyQ7wkXLsJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 29 Dec 2021 21:38:08 GMT
date: Wed, 29 Dec 2021 21:38:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2wIHzXhfG+5JyQ7wkXLsJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DAA 35 KB
13 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 19:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 19:12:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 08E7 0
0 42ms
42ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2782220042437421&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2782220042437421&bg=!xcalxoLNAAZKWFskSlg7ACkAdvg8Wm0WN8kg-_Kd3hPuZPsCUKkmrMfo8YQXPbEFi4ofxxoqdQiPCQIAAAA_UgAAAApoAQeZArIeTxZiEbhEsnbsUW4WvB4dOVzVMjSYy-kmrmQ28aqa1-5UkHxcLXiYkkqBTQEdiAeCzh4o73sRP25n_8SJ8fz9JDw44LetDsVQ2ySdDzA5UsKyIYq2a-wSh8G6e6ohpdSq4y386mYzf8FtaU1wOq__EeWZldHNW9ofW10lQylIVXrKRQsxMbSEk9WRKnOUlraIwjQdeK3RFp74SB5Cp8sM4pwzjnyUeG0DpzmS2F8xUeCailN3N_FhIUF5zEa1OFoRq3OTEhwycnE0Ch5Z3JoNVvPkI1VmIS7W81Qm0lapCe9DnTHbwN-JQ3mo8BoSf_vLoiVpkVTWqYS9zpKE5yFUfY2NKtqrJ_WfjlW3M8NvqUI1lGJ-BxKDBlpVm-rJFEr_UPcyn3cbo9yzbnGKzXZp-bspZHVHcqvT9gYlSvMkJQlKo8lhJaAwtICUK8Y2px2SKSUPUd1hHKVZmdtVAfI9Gj12_ZXStnvSj4LnJC38rOK0k6PMcPyHysFmdHM-lCsOT3TgXdWVvw454Sa4X_jRdzspMwuMCx1Tc2jDSmzRm4u_6T_khH-TZSTcSU_XVVLW1FSt3b40zehDGE6tnHCyP0LLvf3jY6717PV9bhOPbxBdyUOebIA_2FHmcViqVZd1Ywsps-oa1zCo_6jxDs8TWO7k6GVCTtLQNycUiSAbae6SBWBw-qz7a7PNOv0DdmBN_Rj9AMgnaNV4Mb9wQaZLtfwbZ1zaMq4WTH1GUuANm2xpNJ0pEjzanWut3nqgxPQ9v-Rc5HiMjI_aMLimtAhikUzC3MfY2ZJ4tPuTjDrNN6If7JN-jH700xHVcqLP706cvcCwfoCWuaQF55uuZW57cfJ6QiO1V6lL1jHNe7htBYkchDriZVu_WLw3dR6LJdhW9-78LAXQSFl4frQs8U4AWdI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 21:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD61 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 21:38:08 GMT
expires: Thu, 29 Dec 2022 21:38:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK greenoaks.gif Show response
w3snoop.com/detroitchicago/ 0
319 B 9ms
9ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTEyLTI5In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGU2ZjRiZTgtYWY1YS00YWY4LTYxNDYtMzM2OTY2MjU1ODM5IiwiZG9tYWluX2lkIjoiODY4NjgiLCJ0X2Vwb2NoIjoxNjQwODEzODg2LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGU2ZjRiZTgtYWY1YS00YWY4LTYxNDYtMzM2OTY2MjU1ODM5IiwiZG9tYWluX2lkIjoiODY4NjgiLCJ0X2Vwb2NoIjoxNjQwODEzODg2LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX1d
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Middleton-Display: ezp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 0
Expires: Tue, 28 Dec 2021 21:38:06 GMT

GET
H/1.1 200
OK greenoaks.gif Show response
w3snoop.com/detroitchicago/ 0
319 B 8ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjE1In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiI0MjIifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjcifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNTM5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNTM5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjEyNDcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjkxOCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjBlNmY0YmU4LWFmNWEtNGFmOC02MTQ2LTMzNjk2NjI1NTgzOSIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidF9lcG9jaCI6MTY0MDgxMzg4NiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI5MTgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiOS41In1dfV0=
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Middleton-Display: ezp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 0
Expires: Tue, 28 Dec 2021 21:38:07 GMT

GET
H/1.1 200
OK greenoaks.gif Show response
w3snoop.com/detroitchicago/ 0
319 B 10ms
10ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTk3NyJ9XX1d
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Middleton-Display: ezp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 0
Expires: Tue, 28 Dec 2021 21:38:08 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame BD61 4 KB
634 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 21:21:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 21:38:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 21:38:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 798C 3 KB
579 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 20:10:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 21:38:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 21:38:08 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 798C 1 KB
880 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 21:37:25 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 798C 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 21:29:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 798C 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 21:31:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 798C 119 KB
37 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Dec 2021 21:38:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 798C 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 21:28:31 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 798C 27 KB
12 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 22:16:39 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame BD61 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 21:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 21:08:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BD61 205 B
295 B 27ms
9ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 15:22:16 GMT
x-content-type-options: nosniff
age: 22552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Dec 2022 15:22:16 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BD61 604 B
919 B 26ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 15:01:37 GMT
x-content-type-options: nosniff
age: 110191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Dec 2022 15:01:37 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5613 143 B
426 B 27ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 29 Dec 2021 21:04:54 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK greenoaks.gif Show response
w3snoop.com/detroitchicago/ 0
319 B 10ms
10ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZTZmNGJlOC1hZjVhLTRhZjgtNjE0Ni0zMzY5NjYyNTU4MzkiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDA4MTM4ODYsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMjA4NyJ9XX1d
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Middleton-Display: ezp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 0
Expires: Tue, 28 Dec 2021 21:38:14 GMT

GET
H/1.1 200
OK army.gif Show response
w3snoop.com/porpoiseant/ 0
319 B 9ms
9ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODMzMDg4MjkxMzI5NzYzMSIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6Inczc25vb3BfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDA4MTM4ODYsImF1Y3Rpb25fZXBvY2giOjE2NDA4MTM4ODksImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMGU2ZjRiZTgtYWY1YS00YWY4LTYxNDYtMzM2OTY2MjU1ODM5IiwiYmlkX2Zsb29yX2luaXRpYWwiOm51bGwsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjpudWxsLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1NDAsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:08 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Middleton-Display: ezp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 0
Expires: Tue, 28 Dec 2021 21:38:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5613
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

77ms
63ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
URL: https://a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Dec 2021 21:38:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Dec 2021 21:38:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Dec 2021 21:38:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK army.gif Show response
w3snoop.com/porpoiseant/ 0
319 B 9ms
9ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w3snoop.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODMzMDg4MjkxMzI5NzYzMSIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6Inczc25vb3BfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDA4MTM4ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjBlNmY0YmU4LWFmNWEtNGFmOC02MTQ2LTMzNjk2NjI1NTgzOSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4MzMwODgyOTEzMjk3NjMxIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoidzNzbm9vcF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0MDgxMzg4NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMGU2ZjRiZTgtYWY1YS00YWY4LTYxNDYtMzM2OTY2MjU1ODM5IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4MzMwODgyOTEzMjk3NjMxIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoidzNzbm9vcF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0MDgxMzg4NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMGU2ZjRiZTgtYWY1YS00YWY4LTYxNDYtMzM2OTY2MjU1ODM5IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: w3snoop.com
URL: http://w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx20x1fx21x34x57
Protocol: HTTP/1.1
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://w3snoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 21:38:09 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-Middleton-Display: ezp_sol
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 0
Expires: Tue, 28 Dec 2021 21:38:07 GMT

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.w3snoop.com/	1970-01-19 23:46:55	Name: ezoadgid_86868 Value: -1
.w3snoop.com/	1970-01-19 23:47:01	Name: ezoref_86868 Value:
.w3snoop.com/	1970-01-19 23:47:01	Name: ezoab_86868 Value: mod13-c
.w3snoop.com/	1970-01-19 23:49:46	Name: active_template::86868 Value: pub_site.1640813886
.w3snoop.com/	1970-01-19 23:46:55	Name: ezopvc_86868 Value: 1
.w3snoop.com/	1970-01-19 23:48:20	Name: ezepvv Value: 319
.w3snoop.com/	1970-01-19 23:46:55	Name: ezovid_86868 Value: 141754460
.w3snoop.com/	1970-01-19 23:46:55	Name: lp_86868 Value: http://w3snoop.com/
.w3snoop.com/	1970-01-19 23:49:46	Name: ezovuuidtime_86868 Value: 1640813886
.w3snoop.com/	1970-01-19 23:46:55	Name: ezovuuid_86868 Value: 306814fc-6432-4906-429b-36b2cae099c8
.w3snoop.com/	1970-01-20 08:32:29	Name: ezCMPCCS Value: false
w3snoop.com/	1970-01-22 13:06:05	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
w3snoop.com/	1970-01-22 13:06:05	Name: ezohw Value: w%3D1600%2Ch%3D1200
w3snoop.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.w3snoop.com/	1970-01-20 17:18:05	Name: _ga Value: GA1.2.865095631.1640813887
.w3snoop.com/	1970-01-19 23:48:20	Name: _gid Value: GA1.2.1353659580.1640813887
.w3snoop.com/	1970-01-19 23:46:53	Name: _gat_gtag_UA_123359880_1 Value: 1
.w3snoop.com/	1970-01-20 09:08:29	Name: __gads Value: ID=f5d04f7399a140ef-226ee66412cd007a:T=1640813888:S=ALNI_MYULccnMXWTfHTikXoWW7ifQSRXIw
w3snoop.com/	1969-12-31 23:59:59	Name: ezouspva Value: 1
.doubleclick.net/	1970-01-19 23:46:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 09:08:29	Name: IDE Value: AHWqTUkF7PXXci6BhakwnZznxawlVOw1UlMstaWP4n8yezZcdx40yvafsgAB2bMI

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://w3snoop.com/ Message: The resource https://w3snoop.com/js/app.js?v=6 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://w3snoop.com/ Message: The resource http://go.ezodn.com/hb/dall.js?b=adyoulike,amx,ix,medianet,onetag,pubmatic,pulsepoint,rhythmone,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-32 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a23457253c183d7fc7d81deb82dbdd93.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
c.amazon-adsystem.com
cdn.id5-sync.com
fonts.googleapis.com
fonts.gstatic.com
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
id5-sync.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
w3snoop.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.29.201
142.250.185.66
18.159.80.129
2600:9000:214f:1400:2:cb38:840:93a1
2606:4700:3036::ac43:a1d1
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
46.105.202.126
51.75.146.199
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
109d592765e1cf9eadfc84b719323564f572bcb51c52738d54c9f19313d5977e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32df3e1b5e01eb956d7ea17009afa83a186574c8050fbcda1dc7d10a1630657d
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
47e4894fbcc2aa22238784b488b9297ccc8099114eb2b442181c2440ab68cae3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
544a07ea785fbf3038bff6880b444664138c3aa00e89858cf9fb9c76e2bc94f9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d4281576433134d8b17334e25dc390a6062aee7a6da5ceab383a407c660855
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cd08b268f597f39e5f54945d26faeea6a016f0f16a0613ef33c0ab2e2773ea1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74baa76684bc1d6e9929a2de4f56e61ce05319b32e72a4c9685a248857ea3840
7e73dbc5e80ebea2bbadea11f37f99ee2b8924c4a837dc08d3571693b8a8a6f7
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
953c30c206b021f7cc294421bc798b2877bd33e1caf0adaf1f4f9fddc9aece26
9ca39dc95cd0c5de57ac55fee382dc528e94630f6595f45edbfae5e43153da38
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1fd003241addf4bc00b090f2bf310d957b30536c3cb84680563ac7fd8d25805
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b7cd9dfcbe5985af9d5ec32bbdfcc8aaee61aba8378d1aa937cd11227a625ff7
bad7971778b16709fcfad7f8ab72f0a537303f9912324a2eb7a2b03ef81094cf
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
d3d0691529584a990bbfe5c69c8e6830d63a35527415bc77368f99ee18707c87
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df284f49648bc1773d5355d800f10b758d2248e7d8ab3112c7f93f088c9c5c34
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4713b0b38d1191bce32a595e82a19faf3c1bdab050e0853ccd9bed58cb4bcfb
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

w3snoop.com Open in urlscan Pro 18.159.80.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

68 %HTTPS

74 %IPv6

14 Domains

20 Subdomains

20 IPs

3 Countries

840 kBTransfer

2478 kBSize

21 Cookies

32 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

w3snoop.com Open in urlscan Pro
18.159.80.129 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

68 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

840 kB
Transfer

2478 kB
Size

21
Cookies

63 HTTP transactions
2 data transactions