sqworl.com Open in urlscan Pro
104.236.103.127 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sqworl.com/bevbfc
Submission: On October 19 via manual (October 19th 2023, 3:42:26 am UTC) from US — Scanned from CH

Summary HTTP 93 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 24 domains to perform 93 HTTP transactions. The main IP is 104.236.103.127, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is sqworl.com.

This is the only time sqworl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	104.236.103.127 104.236.103.127	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a02:26f0:f70... 2a02:26f0:f700:3ae::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	184.30.16.183 184.30.16.183	16625 (AKAMAI-AS) (AKAMAI-AS)
4 10	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
93	37

9 104.236.103.127 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sqworl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f700:3ae::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

ch-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:c11::200 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2045 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6890	59 KB
10	bing.com 4 redirects www.bing.com — Cisco Umbrella Rank: 75	24 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	261 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	42 KB
9	sqworl.com sqworl.com	36 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1126 trc.taboola.com — Cisco Umbrella Rank: 680 ch-trc-events.taboola.com — Cisco Umbrella Rank: 4013	218 KB
7	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 4246 r.skimresources.com — Cisco Umbrella Rank: 4126 t.skimresources.com — Cisco Umbrella Rank: 4281 p.skimresources.com — Cisco Umbrella Rank: 5648	21 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1192 syndication.twitter.com — Cisco Umbrella Rank: 1427	148 KB
4	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3460 log.pinterest.com — Cisco Umbrella Rank: 4776	20 KB
3	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 13196 www.iubenda.com — Cisco Umbrella Rank: 65311	34 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1374	104 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4847	58 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478	416 B
2	google.ch www.google.ch — Cisco Umbrella Rank: 24974	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714	658 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	35 KB
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 3312	46 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	602 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	82 KB
1	gstatic.com fonts.gstatic.com	39 KB
0	thum.io Failed image.thum.io Failed
93	24

	Domain	Requested by
10	www.bing.com	4 redirects googleads.g.doubleclick.net sqworl.com
9	sqworl.com	sqworl.com
8	ams3-ib.adnxs.com	acdn.adnxs-simple.com googleads.g.doubleclick.net cdn.adnxs.com sqworl.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com sqworl.com
6	pagead2.googlesyndication.com	sqworl.com pagead2.googlesyndication.com googleads.g.doubleclick.net acdn.adnxs-simple.com www.googletagservices.com
4	tpc.googlesyndication.com	sqworl.com
4	cdn.taboola.com	s.skimresources.com cdn.taboola.com
4	platform.twitter.com	sqworl.com platform.twitter.com
3	t.skimresources.com	sqworl.com s.skimresources.com
3	assets.pinterest.com	sqworl.com assets.pinterest.com
2	i.clean.gg	acdn.adnxs-simple.com
2	www.googletagservices.com	sqworl.com
2	cdn.adnxs.com	sqworl.com
2	adsdk.microsoft.com	sqworl.com
2	trc.taboola.com	cdn.taboola.com
2	gum.criteo.com	1 redirects sqworl.com
2	syndication.twitter.com	platform.twitter.com sqworl.com
2	www.google.ch	sqworl.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	p.skimresources.com	sqworl.com
2	www.google-analytics.com	sqworl.com www.google-analytics.com
2	connect.facebook.net	sqworl.com connect.facebook.net
2	cdn.iubenda.com	sqworl.com cdn.iubenda.com
1	log.pinterest.com	sqworl.com
1	acdn.adnxs-simple.com	sqworl.com
1	ch-trc-events.taboola.com	sqworl.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.google.com	sqworl.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
1	www.iubenda.com	cdn.iubenda.com
1	r.skimresources.com	s.skimresources.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s.skimresources.com	sqworl.com
1	ajax.googleapis.com	sqworl.com
1	fonts.googleapis.com	sqworl.com
0	image.thum.io Failed	sqworl.com
93	37

This site contains links to these domains. Also see Links.

Domain
cryptovcnews.com
www.iubenda.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://sqworl.com/bevbfc
Frame ID: A8394CE71BE15303A13F554421DE75FB
Requests: 53 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.23072515463762788
Frame ID: 76402339E39D01712DAEC08FEBAB2FE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 43146437D7EBAB79A72E0788853A5537
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fsqworl.com
Frame ID: F4359B4655D546AFE63D57596724F179
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1697679740&rafmt=1&format=728x280&url=http%3A%2F%2Fsqworl.com%2Fbevbfc&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1697686940498&bpp=4&bdt=420&idt=213&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=95957866292&frm=20&pv=2&ga_vid=485379849.1697686941&ga_sid=1697686941&ga_hid=802022423&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077328%2C31078020%2C44805113%2C44805533%2C44805680%2C44805921%2C44805931%2C31078301%2C31078859%2C44803790%2C31078891%2C44806139&oid=2&pvsid=4015963793120367&tmod=799796271&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rDh2gdDIL2&p=http%3A//sqworl.com&dtd=226
Frame ID: 1D799143E103A2C0D82DB23070AB7C5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1697679740&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fsqworl.com%2Fbevbfc&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1697686940519&bpp=4&bdt=441&idt=214&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=95957866292&frm=20&pv=1&ga_vid=485379849.1697686941&ga_sid=1697686941&ga_hid=802022423&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077328%2C31078020%2C44805113%2C44805533%2C44805680%2C44805921%2C44805931%2C31078301%2C31078859%2C44803790%2C31078891%2C44806139&oid=2&pvsid=4015963793120367&tmod=799796271&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=221
Frame ID: 3F93A04D4029105CF0EC7453262DCAFB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: 137E98E0833E27EA804849561B4200BA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 57EDFB42AE6081CD9F08242245AAB41B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 16308D57EB3D638742F57237C9BD4202
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 72DCC3101DCA053BF16789D8D1DBD0D0
Requests: 18 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 336E563C6DB031A3DA1C7D4D2AABF990
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sqworl | Visual Bookmarks for Educators | Sqworl

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

67 %
HTTPS

61 %
IPv6

24
Domains

37
Subdomains

37
IPs

5
Countries

1352 kB
Transfer

4250 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cryptovcnews.com/

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/380745
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/380745/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png HTTP 307
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png

Request Chain 10

http://assets.pinterest.com/js/pinit.js HTTP 307
https://assets.pinterest.com/js/pinit.js

Request Chain 16

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 21

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 48

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Request Chain 61

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=59527cdf-74c0-48ad-9e42-0fdf32926a40&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=53fd154c-a4d1-40b6-8969-3e961d577db0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dbbd7043ecd1f4e1fa2bb38dac18d32bf%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7338011&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcqrivpr&aid=6939423413340701513 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bbd7043ecd1f4e1fa2bb38dac18d32bf&SNR=1&GV=2&med=10

Request Chain 72

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d5b32a9-6f36-4c58-82a7-9dffa6fb482b&bidId=1&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=811050e9-5be1-415d-a9c3-5ced9fb7b42e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%284-0%29%3F%26RG%3D9dd902ce5f624733a8619488d63febb5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7338011&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp_ab_cevpr&aid=5350883369365331500&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(4-0)?&RG=9dd902ce5f624733a8619488d63febb5&SNR=1&GV=2&med=10

Request Chain 91

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=59527cdf-74c0-48ad-9e42-0fdf32926a40&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=53fd154c-a4d1-40b6-8969-3e961d577db0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dbbd7043ecd1f4e1fa2bb38dac18d32bf%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7338011&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcqrivpr&aid=6939423413340701513 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bbd7043ecd1f4e1fa2bb38dac18d32bf&tids=15000&med=10

Request Chain 93

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d5b32a9-6f36-4c58-82a7-9dffa6fb482b&bidId=1&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=811050e9-5be1-415d-a9c3-5ced9fb7b42e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D9dd902ce5f624733a8619488d63febb5%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=7338011&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp_ab_cevpr&aid=5350883369365331500&wp= HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9dd902ce5f624733a8619488d63febb5&tids=1&med=10

93 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request bevbfc Show response
sqworl.com/ 11 KB
4 KB 237ms
115ms Document
text/html 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: d0486480b2ffef4f8abc0aa6f71ce276f161398779ea235634bd17604db7fdd6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3879
Content-Type: text/html
Date: Thu, 19 Oct 2023 03:31:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.9-1ubuntu4.22

GET
H/1.1 200
OK css
fonts.googleapis.com/ 5 KB
1 KB 54ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Nunito:400,300,700

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

babaaa81145b4526fa24c3e7390463fb37e7ecb5b68a7239c101d12918268333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 19 Oct 2023 03:42:20 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 19 Oct 2023 03:42:20 GMT

GET
H/1.1 200
OK style.css
sqworl.com/css/ 22 KB
5 KB 114ms
112ms Stylesheet
text/css 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/css/style.css?v=1
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Aug 2016 18:23:14 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "568b-53a0c357cf903-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4677

GET
H/1.1 200
OK tipsy.css
sqworl.com/css/ 2 KB
865 B 223ms
111ms Stylesheet
text/css 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/css/tipsy.css
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:48 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "876-50a6014fe3772-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 530

GET
H/1.1 200
OK media.css
sqworl.com/css/ 3 KB
1 KB 227ms
113ms Stylesheet
text/css 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/css/media.css
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Mar 2017 20:16:18 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "cec-54a01739347c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 822

GET
H/1.1 200
OK modernizr-2.6.2.min.js Show response
sqworl.com/js/ 15 KB
6 KB 228ms
114ms Script
application/javascript 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/js/modernizr-2.6.2.min.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:56 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "3c36-50a60156e46f2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6246

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
53 KB 78ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cfa2c92257a4febe36c0560653119945fbd651fbd10dd53a09c7dce15292f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 53913
X-XSS-Protection: 0
Server: cafe
ETag: 16816471922137080499
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 19 Oct 2023 03:42:20 GMT

GET
H/1.1 200
OK iubenda_cs.js Show response
cdn.iubenda.com/cookie_solution/safemode/ 237 B
975 B 106ms
40ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:20 GMT
Content-Encoding: gzip
CDN-EdgeStorageId: 1082
Transfer-Encoding: chunked
P3P: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
CDN-CachedAt: 10/18/2023 08:19:47
CDN-PullZone: 954456
Connection: keep-alive
Last-Modified: Tue, 17 Oct 2023 15:05:32 GMT
Server: BunnyCDN-DE1-1080
CDN-ProxyVer: 1.04
CDN-RequestPullCode: 200
ETag: "652ea2bc-d6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
CDN-Cache: REVALIDATED
CDN-Uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control: public, max-age=3600
CDN-RequestId: 8bdd8ee6893cc5b5b93e4f9cf71d9162
CDN-RequestCountryCode: CH
CDN-Status: 200
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK sqworl_logo.png
sqworl.com/img/ 13 KB
13 KB 228ms
115ms Image
image/png 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sqworl.com/img/sqworl_logo.png
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Last-Modified: Fri, 19 Dec 2014 17:27:57 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "322c-50a9507a07b7b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12844

GET /
image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://cryptovcnews.com/ 0
0

GET
H2

200

pinit_fg_en_rect_gray_20.png
assets.pinterest.com/images/pidgets/
Redirect Chain

http://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png

908 B
1 KB

267ms
59ms

Image
image/png

2a02:26f0:f700:3ae::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Server: 2a02:26f0:f700:3ae::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

akamai-x-true-ttl: 86400
x-cdn: akamai
etag: "8a25277cfdf72f8f916b4cdc34052149"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=70101
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 908

Redirect headers

Location: https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

pinit.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit.js
https://assets.pinterest.com/js/pinit.js

361 B
439 B

264ms
61ms

Script
application/javascript

2a02:26f0:f700:3ae::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Server: 2a02:26f0:f700:3ae::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=299
accept-ranges: bytes
content-length: 203

Redirect headers

Location: https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
34 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 06:32:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 76213
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33434
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 17 Oct 2024 06:32:07 GMT

GET
H/1.1 200
OK jquery.tipsy.js Show response
sqworl.com/js/ 10 KB
3 KB 116ms
114ms Script
application/javascript 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/js/jquery.tipsy.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:55 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "263b-50a6015669632-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2712

GET
H/1.1 200
OK jquery.infieldlabel.min.js Show response
sqworl.com/js/ 2 KB
1 KB 115ms
113ms Script
application/javascript 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://sqworl.com/js/jquery.infieldlabel.min.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/bevbfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:54 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "6c8-50a601558f9d2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 761

GET
H/1.1 200
OK 30768X884129.skimlinks.js Show response
s.skimresources.com/js/ 51 KB
20 KB 101ms
29ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 22da01693f4a80c11dbf4f02d3ecc9a0f0cf9a000f7d72ff0b40e475f4fa0eec

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2023 14:55:38 GMT
Server: AmazonS3
x-amz-request-id: 9CVEXB2XJHK9N2P2
ETag: "4bd4be92faee4cd3355615d9575e2512"
X-HW: 1697686940.cds248.fr8.h2,1697686940.cds247.fr8.c
Content-Type: application/octet-stream
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19530
x-amz-id-2: 1HByOTZkZE6qCmKqg1FM0I0nv5bMJqaiFI3myo9+MNIV/c8zjq51YJzJnr+P1C+0l/hPf141+UM=

GET
H/1.1 200
OK XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 43ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Nunito:400,300,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://sqworl.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:45:55 GMT
X-Content-Type-Options: nosniff
Age: 536185
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 39124
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 00:02:20 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 22:45:55 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

84ms
27ms

Script
application/x-javascript

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e572c76b59c25a3b8590da803e55ac06d6e86d87069358d8cdfc329f238b57b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 03:42:20 GMT
content-md5: WUNT8fYqYMtPNYyaDG0zvA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
x-fb-debug: du7BZYYH9reXzjU7A9pv7YWn40UCy7mKTj4rEgNE/Xw8QCSkCtjZ/1byY8ITDJaTE7/htOrUiHbMaH+G7udS+Q==
x-fb-content-md5: 7b9dec7a2d92c2bfbdb2df25d5ba8de2
cross-origin-opener-policy: same-origin-allow-popups
etag: "a8a9ceaf7a9abeb5411305e57959f42e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 19 Oct 2023 03:46:51 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1393466737546175&version=v2.0
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 98ms
31ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7D) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:20 GMT
Content-Encoding: gzip
Age: 568
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (amb/6B7D)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK gear-bg-24.png
sqworl.com/img/ 2 KB
2 KB 113ms
113ms Image
image/png 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sqworl.com/img/gear-bg-24.png
Requested by: Host: sqworl.com
URL: http://sqworl.com/css/style.css?v=1
Protocol: HTTP/1.1
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:31:02 GMT
Last-Modified: Wed, 17 Dec 2014 02:17:56 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "6c1-50a6015779d92"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1729

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 59ms
30ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=200342a01c6abad0ee2fe48b071093e4

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f38b00d052cf65bb655d6daea0f410f6064032c5d3c845a8002a74700fb63d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://sqworl.com/
Origin: http://sqworl.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 03:42:20 GMT
content-md5: jF84o9MX+cRcsLK71qmxZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88298
x-fb-debug: bjM7vnY2Wuvnig/7ksEf6SXq0D8bUY94QmNZ/Exmjr2/WumBZbA7Hf2jiv+waQ035dMTQpoVQzNjy1CpsIFl0g==
x-fb-content-md5: 8152cbd7ee82612f47693aea3fa41a2b
cross-origin-opener-policy: same-origin-allow-popups
etag: "01ad4177cef9e6c1c4397f6d4506eeb5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Oct 2024 00:42:05 GMT

GET
H/1.1 200
OK core-fcf8c9eac36aece9d290934b54a63296.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/ 97 KB
32 KB 38ms
38ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Requested by: Host: cdn.iubenda.com
URL: http://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Protocol: HTTP/1.1
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:20 GMT
Content-Encoding: gzip
CDN-EdgeStorageId: 1080
Transfer-Encoding: chunked
P3P: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
CDN-CachedAt: 10/18/2023 08:19:47
CDN-PullZone: 954456
Connection: keep-alive
Last-Modified: Tue, 17 Oct 2023 15:05:32 GMT
Server: BunnyCDN-DE1-1080
CDN-ProxyVer: 1.04
CDN-RequestPullCode: 200
ETag: "652ea2bc-7e3c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control: public, max-age=31536000
CDN-RequestId: cd3d1aaa1e03c1c3c47f8e546ca435e6
CDN-RequestCountryCode: CH
CDN-Status: 200
CDN-RequestPullSuccess: True

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

100ms
21ms

Script
text/javascript

2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 01:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 19 Oct 2023 03:51:33 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 / Show response
r.skimresources.com/api/ 162 B
377 B 85ms
31ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

a53a997b031dbf94ed7fc24aa1f1335fd924b158223c5a1b690e9b25ced61e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Oct 2023 03:42:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://sqworl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 7640 0
123 B 83ms
30ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.23072515463762788
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:20 GMT
via: 1.1 google
cache-control: private, no-store
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK px.gif
p.skimresources.com/ 43 B
307 B 89ms
29ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p.skimresources.com/px.gif?ch=1&rn=0.3760519576267942
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Thu, 19 Oct 2023 03:42:20 GMT
Via: 1.1 google
Server: Skimlinks Pixel 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK px.gif
p.skimresources.com/ 43 B
307 B 90ms
30ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p.skimresources.com/px.gif?ch=2&rn=0.3760519576267942
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Thu, 19 Oct 2023 03:42:20 GMT
Via: 1.1 google
Server: Skimlinks Pixel 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 394 KB
134 KB 145ms
92ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4549e861ca98ad23d42db01df6d4b561916a0b26fdc46d5aecfb4436657945f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137077
x-xss-protection: 0
server: cafe
etag: 17377492891763972981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 03:42:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 4314 10 KB
5 KB 73ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 53165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame F435 319 KB
104 KB 125ms
31ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fsqworl.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA1) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 803397
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Oct 2023 03:42:20 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA1)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK 380745.js Show response
www.iubenda.com/cookie-solution/confs/js/ 89 B
852 B 116ms
38ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

http://www.iubenda.com/cookie-solution/confs/js/380745.js

Requested by

Host: cdn.iubenda.com
URL: http://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js

Protocol

HTTP/1.1

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Fri, 18 Aug 2023 12:05:07 GMT
Date: Thu, 19 Oct 2023 03:42:20 GMT
Strict-Transport-Security: max-age=63072000
CDN-EdgeStorageId: 1081
CDN-CachedAt: 08/18/2023 11:05:07
CDN-PullZone: 966339
Connection: keep-alive
Content-Length: 89
Last-Modified: Fri, 18 Aug 2023 10:22:50 GMT
Server: BunnyCDN-DE1-1081
CDN-ProxyVer: 1.04
CDN-RequestPullCode: 200
ETag: "64df467a-59"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
CDN-RequestId: 60e1e70a298a90cd2a456624e1cb40ac
Accept-Ranges: bytes
CDN-RequestCountryCode: CH
CDN-Status: 200
CDN-RequestPullSuccess: True

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
355 B 34ms
32ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.5 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: http://sqworl.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
114 B 34ms
33ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.5 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: http://sqworl.com
warning: 299 - "Deprecated API"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/skimlinks-publishers/ 149 KB
44 KB 55ms
24ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Requested by: Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c22d79d6e02d0f287c726a6c8362cb80515cf0d41b91debc60af4af8f5b6071

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YmZfSP8v69R4ozQ7r0Fq423AwxSWkBez
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 19 Oct 2023 03:42:20 GMT
x-amz-request-id: 01588TJ5FPT7YJZQ
Age: 18
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-replication-status: FAILED
Connection: keep-alive
Content-Length: 44200
x-amz-id-2: MiEAhUSi0XI/1do3d2n22D59mtrTgTIELgmVIos6MY1nMxen2BKjkNECTKwdE/FVjLeeVDfxlwo=
X-Served-By: cache-fra-eddf8230057-FRA
Last-Modified: Tue, 17 Oct 2023 09:31:41 GMT
Server: AmazonS3
X-Timer: S1697686941.611952,VS0,VE1
ETag: "fc4dd037bd6855d2fceffcf6bdf6fd99"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
abp: 91
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
218 B 33ms
33ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=802022423&t=pageview&_s=1&dl=http%3A%2F%2Fsqworl.com%2Fbevbfc&ul=en-us&de=UTF-8&dt=Sqworl%20%7C%20Visual%20Bookmarks%20for%20Educators%20%7C%20Sqworl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1924216534&gjid=1948367698&cid=485379849.1697686941&tid=UA-50855-7&_gid=951810988.1697686941&_r=1&_slc=1&z=696161005

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

296021c91b01be4129994cf73621317625b7a80eaf234241408fa85cb5c54902

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://sqworl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 62ms
61ms Script
application/javascript 2a02:26f0:f700:3ae::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.029295003177982837
Requested by: Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:3ae::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=257
accept-ranges: bytes
content-length: 18679

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 99ms
33ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-50855-7&cid=485379849.1697686941&jid=1924216534&gjid=1948367698&_gid=951810988.1697686941&_u=IEBAAEAAAAAAACAAI~&z=1043378545

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 19 Oct 2023 03:42:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://sqworl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 93ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

835eb4412d4bf9d14ac553674c485f69d35a333445fbcf2f51e5532385bc1b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 03:42:20 GMT

GET
H2 200 impl.20231017-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 813 KB
169 KB 78ms
25ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 73b4424d2202e9f35bc51ef07a84e4f2ca17e5c73fb20a25869eb92ae379e2b3

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kWTGf8NvWbb5LFVDeZErjvUZoExbKdv8
content-encoding: br
via: 1.1 varnish
date: Thu, 19 Oct 2023 03:42:20 GMT
x-amz-request-id: 5485VPXHM2MYWHW9
age: 9431
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172298
x-amz-id-2: 4RQQHVFCyQRh/wX4iKGP6SU4EJ5o5sC1bqxuX3ELPOEqIEAyt7Bbhswp+aoYui84a+7qLAyNkjI=
x-served-by: cache-fra-eddf8230083-FRA
last-modified: Tue, 17 Oct 2023 09:04:04 GMT
server: AmazonS3-br
x-timer: S1697686941.733146,VS0,VE0
etag: "3bda92b29c116dc4e083c00e4076691d"
vary: Accept-Encoding
content-type: application/javascript
abp: 39
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 8066

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 96ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sqworl.com&callback=_gfp_s_&client=ca-pub-7139769428607423

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24a2ae774bca5bcc1b9be63b0f8705ca63633addafce79d36b91e555de9428a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D79 716 B
578 B 225ms
224ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1697679740&rafmt=1&format=728x280&url=http%3A%2F%2Fsqworl.com%2Fbevbfc&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1697686940498&bpp=4&bdt=420&idt=213&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&correlator=95957866292&frm=20&pv=2&ga_vid=485379849.1697686941&ga_sid=1697686941&ga_hid=802022423&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077328%2C31078020%2C44805113%2C44805533%2C44805680%2C44805921%2C44805931%2C31078301%2C31078859%2C44803790%2C31078891%2C44806139&oid=2&pvsid=4015963793120367&tmod=799796271&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rDh2gdDIL2&p=http%3A//sqworl.com&dtd=226

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc9889b74b27f551f0af6bd389805c92cf371e2a9b881bf2cdc8e801b921187d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 03:42:20 GMT
expires: Thu, 19 Oct 2023 03:42:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 83ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-50855-7&cid=485379849.1697686941&jid=1924216534&_u=IEBAAEAAAAAAACAAI~&z=464136355

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 83ms
33ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-50855-7&cid=485379849.1697686941&jid=1924216534&_u=IEBAAEAAAAAAACAAI~&z=464136355

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F93 173 KB
28 KB 586ms
586ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1697679740&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fsqworl.com%2Fbevbfc&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1697686940519&bpp=4&bdt=441&idt=214&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=95957866292&frm=20&pv=1&ga_vid=485379849.1697686941&ga_sid=1697686941&ga_hid=802022423&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077328%2C31078020%2C44805113%2C44805533%2C44805680%2C44805921%2C44805931%2C31078301%2C31078859%2C44803790%2C31078891%2C44806139&oid=2&pvsid=4015963793120367&tmod=799796271&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=221

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

309fb13dece4da6dea4f975a8c6001b1f51a80a89627e06c19e48b4570954a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28189
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 03:42:21 GMT
expires: Thu, 19 Oct 2023 03:42:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F435 869 B
657 B 226ms
141ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7ccc290232554449622221b9ba588b2ceb3a476d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fsqworl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 19 Oct 2023 03:42:20 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 19 Oct 2023 03:42:20 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 1d3cdca40225ca1e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 9dd85a2ea271323824682bb90ee307f41f8112841a97c8beaf970d17991ee1a2
content-length: 337

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 110ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HVD4KN0Q8F&gtm=45je3ai0&_p=802022423&_gaz=1&ul=en-us&sr=1600x1200&cid=485379849.1697686941&_eu=ABAI&_s=1&dl=http%3A%2F%2Fsqworl.com%2Fbevbfc&dt=Sqworl%20%7C%20Visual%20Bookmarks%20for%20Educators%20%7C%20Sqworl&sid=1697686940&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://sqworl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 34ms
33ms Ping
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HVD4KN0Q8F&cid=485379849.1697686941&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://sqworl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
107 B 37ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HVD4KN0Q8F&cid=485379849.1697686941&gtm=45je3ai0&aip=1&z=1203155274

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

46 B
288 B

99ms
33ms

Script
text/javascript

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 238747
expires: 60

Redirect headers

location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control: no-cache
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/skimlinks-publishers/trc/3/ 2 KB
2 KB 151ms
144ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/skimlinks-publishers/trc/3/json?tim=05%3A42%3A20.843&lti=deflated&data=%7B%22id%22%3A509%2C%22ii%22%3A%22%2Fbevbfc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697535099065%2C%22vi%22%3A1697686940840%2C%22cv%22%3A%2220231017-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fsqworl.com%2Fbevbfc%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fsqworl.com%2Fbevbfc%22%2C%22vpi%22%3A%22%2Fbevbfc%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1210%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22SkimlinksPublisher%22%2C%22orig_uip%22%3A%22SkimlinksPublisher%22%2C%22cd%22%3A891%2C%22mw%22%3A1600%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fbevbfc%2CSkimlinksPublisher%3Drbox-tracking%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f36d1e205ec3767ffcb0e2ef815778250e898a9f0003afe1f929e95f7ed38bd

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 119
date: Thu, 19 Oct 2023 03:42:20 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.361875
x-fastly-to-nlb-rtt: 100126
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230083-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1697686941.862805,VS0,VE119
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: http://sqworl.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK button.13c48d2966337fafa1c1eb5533fdf29d.js Show response
platform.twitter.com/js/ 8 KB
3 KB 31ms
31ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:21 GMT
Content-Encoding: gzip
Age: 803387
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2617
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (amb/6BBB)
Etag: "def6f3052007521ae22a38b870dfd318+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 distance-from-article.20231017-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 26ms
25ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231017-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14b27f6996322cc01899e1645fe0d308e474faab17f1936e1340753110d40eb9

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HNqQl6Zuv7lCT0hXV3yumHvyXvHIUSii
content-encoding: gzip
via: 1.1 varnish
date: Thu, 19 Oct 2023 03:42:21 GMT
x-amz-request-id: WF91Z9YDR0G70JRA
age: 27399
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: V5rfidB3ZqTSejZy0LIeMiwDvWfc70nEKUAS1C5pUKSMOZ2SYecIYOLchIAb9Q4Cyf180epd4Sk=
x-served-by: cache-fra-eddf8230083-FRA
last-modified: Wed, 18 Oct 2023 20:05:42 GMT
server: AmazonS3
x-timer: S1697686941.015314,VS0,VE0
etag: "ad4975a2ba820377c220f5aaf40ac255"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 85
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 22044

GET
H2 200 article-detection.20231017-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 26ms
26ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231017-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c96c896d339ecd2412561b1cc04a750ddbb798fe446c7d9c7fa1f44cbec81ee

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WvZAuUr3viJvp3654iSj1hnkQMrSv5VU
content-encoding: gzip
via: 1.1 varnish
date: Thu, 19 Oct 2023 03:42:21 GMT
x-amz-request-id: RC199KMWKZWFEAT3
age: 27406
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: cA4D3UBwdDbTsKlxvWcwaZTmGdXNOygi5ICaVipVC2uE8oldZ+xACajBJeXcrMOIOgg84PDFVQs=
x-served-by: cache-fra-eddf8230083-FRA
last-modified: Wed, 18 Oct 2023 20:05:36 GMT
server: AmazonS3
x-timer: S1697686941.015343,VS0,VE0
etag: "3ab8def42c462057a94a7aa8f711817c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 22042

GET
H2 204 debug
ch-trc-events.taboola.com/skimlinks-publishers/log/2/ 0
91 B 413ms
123ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-trc-events.taboola.com/skimlinks-publishers/log/2/debug?tim=05%3A42%3A21.001&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=2299&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 121375

GET
H/1.1 200
OK tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html Show response
platform.twitter.com/widgets/ Frame 137E 34 KB
13 KB 31ms
31ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 803386
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12585
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Oct 2023 03:42:21 GMT
Etag: "8c8e58156094069be7351386d79afb40+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BBB)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
123 B 141ms
141ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fsqworl.com%2Fbevbfc%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697686941026%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7ccc290232554449622221b9ba588b2ceb3a476d

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 19 Oct 2023 03:42:20 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 19 Oct 2023 03:42:21 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: c905297688efb2ff
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 9dd85a2ea271323824682bb90ee307f41f8112841a97c8beaf970d17991ee1a2
content-length: 43

GET
DATA 200
OK truncated
/ Frame 137E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 158 KB
54 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/reactive_library_fy2021.js?bust=31078859

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

391ed7fdd4c750339b71eac3793090c83107cc82910946be5170cada2292d4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55124
x-xss-protection: 0
server: cafe
etag: 16658825255873112617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 03:42:21 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 57ED 10 KB
4 KB 24ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 62132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 1630 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_fy2021.js?bust=31078859

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 62132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 72DC 129 KB
46 KB 135ms
28ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 15:31:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"651ed6df-204b6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 46953
Expires: Fri, 20 Oct 2023 03:42:23 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 72DC
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=59527cdf-74c0-48ad-9e42-0fdf32926a40&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=53fd154c-a4d1-40b6...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bbd7043ecd1f4e1fa2bb38dac18d32bf&SNR=1&GV=2&med=10

0
240 B

50ms
50ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bbd7043ecd1f4e1fa2bb38dac18d32bf&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA05DF5C323543ACAFEA6A160A6DC6C8 Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 19 Oct 2023 03:42:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A0C2377F22E4EE2BCCA6A2C633203E7 Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=bbd7043ecd1f4e1fa2bb38dac18d32bf&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 72DC 89 KB
29 KB 104ms
18ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 19 Oct 2023 03:42:21 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0YPYvZQAAAABfS6Llh6osSYxHnbatAxs/RlJBMjMxMDUwNDE4MDQ5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0naUwZQAAAAC6klrTrdwETr3OkcmCEeTZWlJIRURHRTA2MTEAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6538c172-a01e-0005-1776-01edb4000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 72DC 80 KB
27 KB 123ms
30ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Fri, 18 Oct 2024 03:42:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 72DC 3 KB
1 KB 81ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 72DC 20 KB
8 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72DC 187 KB
59 KB 88ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 03:42:21 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 336E 89 KB
29 KB 223ms
158ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 19 Oct 2023 03:42:21 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0YPYvZQAAAABfS6Llh6osSYxHnbatAxs/RlJBMjMxMDUwNDE4MDQ5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0naUwZQAAAABiaSKlvus3Saymy+xFZUXiWlJIRURHRTA2MTEAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6538c172-a01e-0005-1776-01edb4000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 336E 80 KB
27 KB 103ms
31ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 03:42:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Fri, 18 Oct 2024 03:42:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 336E 3 KB
1 KB 61ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 336E 20 KB
9 KB 54ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 336E 187 KB
59 KB 101ms
65ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 03:42:21 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 336E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d5b32a9-6f36-4c58-82a7-9dffa6fb482b&bidId=1&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=811050e9-5be1-415d-a9c3...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(4-0)?&RG=9dd902ce5f624733a8619488d63febb5&SNR=1&GV=2&med=10

0
183 B

50ms
49ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(4-0)?&RG=9dd902ce5f624733a8619488d63febb5&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7259BF00C5DE4BD080FC42DCF81460D0 Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 19 Oct 2023 03:42:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BD8F3F18DE6454E9304C5A6703DAADF Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(4-0)?&RG=9dd902ce5f624733a8619488d63febb5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 155
expires: 0

GET
H2 200 /
log.pinterest.com/ 0
338 B 125ms
55ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=H85hMeHi9aFh&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fsqworl.com%2Fbevbfc
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 19 Oct 2023 03:42:21 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 7180436448416241
content-length: 0
x-served-by: cache-fra-eddf8230125-FRA
pragma: no-cache
server: envoy
x-timer: S1697686942.774159,VS0,VE31
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 152ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 19 Oct 2023 03:42:21 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ Frame 72DC 0
104 B 111ms
111ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 th
www.bing.com/ Frame 72DC 13 KB
14 KB 19ms
19ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7284289540947_1WKTCORI5VIRK5BZCO&pid=21.2&c=3&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7c1058789e36a197801e4fb6efcbe840449c833c8a4c9032e32fb95400604783

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21220D2E11DE424694283F16544F3D90 Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:21Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 13474

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 72DC 0
535 B 117ms
33ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QL7A-j7AQAAAwDWAAUBCJzLwqkGEMmGztG-mvKmYBgAKjYJRL2gMHaOkT8RlrdouaAHkT8ZAAAAgOtR2D8hlg0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4wfYFgAEBigEDVVNEkgUG8EmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8F4vYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEugHPWIgFAZgFAKAFk-37zMDLooEiwAUAyQUABQEU8D_SBQkJBQtAAAAA2AUB4AUB8AWR2Ub6BQQBXCiQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAQGLYOAGAfIGAggAgAcBiAcAoAcByAfB9gXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=926839dd3c57ccc82a51068cd04cf48f81ce036a&bdref=http%3A%2F%2Fsqworl.com%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fsqworl.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-7139769428607423%26fa%3D3%26ifi%3D3%26uci%3Da!3%26xpc%3DNQAMIrvI7j%26p%3Dhttp%253A%2F%2Fsqworl.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:21 GMT
an-x-request-uuid: 51a23143-382e-4fc7-b82a-76dd23df4a8a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 336E 7 KB
8 KB 66ms
66ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559325638419_1VW01OSSGQVIQPI6YP&pid=21.2&c=16&roil=0.2378&roit=0&roir=0.7614&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 92fb9b590919024ec4791c7a9a106e345b445ed128de7d7122bd4ccaf01d4690

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:42:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 38B789884A8B45988832C8CD6F9F762C Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:21Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 7573

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 336E 0
534 B 112ms
35ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QL7A-j7AQAAAwDWAAUBCJzLwqkGEKy8w4ywgoqhShgAKjYJAAAAANBynD8RAAAAAFSYmz8ZAAAAgOtR2D8hAA0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tPYFgAEBigEDVVNEkgUG8EmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8F4vYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEugHPVIgFAZgFAKAF3seIr_a9pu1SwAUAyQUhChgAAPA_0gUJJToBATTYBQHgBQHwBcKGHPoFBAFcKJAGAJgGALgGAMEGASEBMSTQBsKNBNoGFgoQCRIZAQGLYOAGAfIGAggAgAcBiAcAoAcByAe09gXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=428ff4bb5ec1eb0466eb2cdefb699510f6fbc676&bdref=http%3A%2F%2Fsqworl.com%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fsqworl.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D4%26uci%3Da!4%26xpc%3DA8Y0szQk6S%26p%3Dhttp%253A%2F%2Fsqworl.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:21 GMT
an-x-request-uuid: 61e203ad-6571-4140-be5c-3cd669654586
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 72DC 0
559 B 34ms
33ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QKpB-ipAwAAAwDWAAUBCJzLwqkGEMmGztG-mvKmYBgAKjYJRL2gMHaOkT8RlrdouaAHkT8ZAAAAgOtR2D8hlg0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4wfYFgAEBigEDVVNEkgUG8EmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8N4vYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgOqAwrAAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTUzZmQxNTRjLWE0ZDEtNDBiNi04OTY5LTNlOTYxZDU3N2RiMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NTNmZDE1NGMtYTRkMS00VnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzMzODAxMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ENfdmNxcml2cHImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2OTM5NDIzNDEzMzQwNzAxNTEzIgkzODE4NDY3MTQqBCFd8N46OFUyVmhjbU5vUVdRak56RTRNVEl3T1RBek1EUXhNVEFqTWpNeU16WXhNVFkyTnpFeU5EZ3pOUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZPt-8zAy6KBIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZHZRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfB9gXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a6dd3bbcaa53f82a215261a143672c095be022db&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=7136621241961595231&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7338011&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:22 GMT
an-x-request-uuid: f6f2f5f8-4fcf-43fb-af77-cb56438148ea
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/skimlinks-publishers/log/3/ 0
327 B 129ms
129ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/skimlinks-publishers/log/3/bulk?tvi48=11616&tvi50=13571&route=AM%3ACH%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sqworl.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 104
date: Thu, 19 Oct 2023 03:42:22 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 99905
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230083-FRA
pragma: no-cache
server: nginx
x-timer: S1697686942.209540,VS0,VE104
content-type: image/gif
access-control-allow-origin: http://sqworl.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame 72DC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d441a018afcac4d52e439ae9319f47741db1d5f69802f4aaaabd3b408289f9db

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 336E 0
558 B 38ms
38ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QKxB-ixAwAAAwDWAAUBCJzLwqkGEKy8w4ywgoqhShgAKjYJAAAAANBynD8RAAAAAFSYmz8ZAAAAgOtR2D8hAA0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tPYFgAEBigEDVVNEkgUG8EmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8OUvYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgOyAwrMAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTgxMTA1MGU5LTViZTEtNDE1ZC1hOWMzLTVjZWQ5ZmI3YjQyZSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1WNSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTgxMTA1MGU5LTViZTEtNDE1ZC1hOWMzLTVjZRlsuHJ0eXBlPW51cmwmdGFnSWQ9NzMzODAxMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkAgF9mcF9hYl9jZXZwciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0RuFBSSUNFfRIFMTIwODUaEzUzNTA4ODMzNjkzNjUzMzE1MDAiCTM4MTg0NjcxNCoEIWmAOjRVMlZoY21Ob1FXUWpOekkxTmpjNE5ERXdOakEzT0RVDRTwUmd3TkRjNU9EVTNNRFE9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERYJUiAUBmAUAoAXex4iv9r2m7VLABQDJBUG9GAAA8D_SBQlF7QEBcNgFAeAFAfAFwoYc-gUECAAQAJAGAJgGALgGAMEGASEBMSTQBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7T2BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=1f5d706daf4d931ae82b3d5f16a14570eadd4d35&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=7136621241961595231&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7338011&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:22 GMT
an-x-request-uuid: cf0d77af-28dc-4349-81aa-a10549b6354b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72DC 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20231004&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 72DC 0
23 B 68ms
67ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CunG3nKUwZbTzLrWOjuwP8J-hyArS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqAMByAMCqgTlAU_QO0dkHjUEzmaZ8SDBmWmXqrHj9ZCCR3PSSSxw5QB7Dxm9h3wKc3UFAbLBX0jS5dM8H3Rt2p05Gwv65WWFeZ-76VZu7ZWMmaEc1Zae2wuPX0qesU4typzon5hYBSizdkO61O5Fk1IM_cWz6r8tNo_GQTvwkdXmFKdkW_1gxg1NQGvUgmbrQdEGG9nEejQgBUFh1AnMVwC3q6xPYIJj1nYQ-vSkDb_lf9jnEgDXdc9_YoqU93C88JRIHxF1Sy2zYJmaMLC-Xk1UfLLKN-upGKy4z6RkuF8DolkhDNLHoLEmk22myO6ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxMzk3Njk0Mjg2MDc0MjMYAA&sigh=DYh2ftay6u8&uach_m=[UACH]&cid=CAQSSwDICaaN3v2HL2Z2LCZ4n289BRpxhz50gfgwBd1llzlADqYZv2zJ9xN3_NfLLnsF37M-0uFYuGJAH359WnU2Fud_2Q-LYSkkNrggBxgB&cbvp=2&vis=1

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Oct 2023 03:42:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 03:42:22 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 72DC 0
534 B 34ms
33ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QKpB-ipAwAAAwDWAAUBCJzLwqkGEMmGztG-mvKmYBgAKjYJRL2gMHaOkT8RlrdouaAHkT8ZAAAAgOtR2D8hlg0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4wfYFgAEBigEDVVNEkgUG8EmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8N4vYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgOqAwrAAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTUzZmQxNTRjLWE0ZDEtNDBiNi04OTY5LTNlOTYxZDU3N2RiMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NTNmZDE1NGMtYTRkMS00VnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzMzODAxMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ENfdmNxcml2cHImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2OTM5NDIzNDEzMzQwNzAxNTEzIgkzODE4NDY3MTQqBCFd8N46OFUyVmhjbU5vUVdRak56RTRNVEl3T1RBek1EUXhNVEFqTWpNeU16WXhNVFkyTnpFeU5EZ3pOUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZPt-8zAy6KBIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZHZRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfB9gXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a6dd3bbcaa53f82a215261a143672c095be022db&pp=ZTClnAALubQHg4c1AAhP8KeKKguMUCBHVUbDPA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0125nKUwZbTzLrWOjuwP8J-hyArS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqAMByAMCqgToAU_QO0dkHjUEzmaZ8SDBmWmXqrHj9ZCCR3PSSSxw5QB7Dxm9h3wKc3UFAbLBX0jS5dM8H3Rt2p05Gwv65WWFeZ-76VZu7ZWMmaEc1Zae2wuPX0qesU4typzon5hYBSizdkO61O5Fk1IM_cWz6r8tNo_GQTvwkdXmFKdkW_1gxg1NQGvUgmbrQdEGG9nEejQgBUFh1AnMVwC3q6xPYIJj1nYQ-vSkDb_lf9jnEgDXdc9_YoqU93C88JRIHxF1Sy2zIpu7onIapCDAhsZ_qbItrqibxSBtlkfaAN94iG5Hip0-U-xEpXpSAlSABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2LgRVq-8NhGCx8bogi_O97zE-0Qg%26client%3Dca-pub-7139769428607423%26adurl%3D&cbvp=2

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:22 GMT
an-x-request-uuid: cc064a4c-354f-4566-84c7-c7aa40240e28
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 336E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb69e419979168de31fa0115525057ebc38105d2acfe9b109ff1982bc6ba47dd

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 336E 0
23 B 67ms
65ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaPPAnKUwZbXzLrWOjuwP8J-hyArS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqAMByAMCqgTlAU_QxRSOLQGJeuE5djM8LBjQ0YDpKdPCjmytF6NckkNtj6dMliO9iIcfT-S4AVfrYg7UgzmMa22Crnf_mADCG9OF5rWqSGGzOjbBdwYBpwjO38QjDzRKkbVaAjlIgcxTSnkykRVwljNeExoXLbNwjC1Q0i8sX725hi2HbUrS0avtMEIACyFGkCECmRgg7Yh4VEq_qTS2-MkWYH7pRs7Ix5Ix5-dohKkP-E9YkG5tKjAkfYUpyl7_7KRhB7au2CSIAQEk_gZbj3C0kGgBLp0BREZLPX71zAgTyaEfTsqqJgQ4hCx5jJiABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxMzk3Njk0Mjg2MDc0MjMYAA&sigh=nIJ_htqYmno&uach_m=[UACH]&cid=CAQSSwDICaaN3v2HL2Z2LCZ4n289BRpxhz50gfgwBd1llzlADqYZv2zJ9xN3_NfLLnsF37M-0uFYuGJAH359WnU2Fud_2Q-LYSkkNrggBxgB&cbvp=2&vis=1

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Oct 2023 03:42:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 03:42:22 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 336E 0
534 B 35ms
34ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QKxB-ixAwAAAwDWAAUBCJzLwqkGEKy8w4ywgoqhShgAKjYJAAAAANBynD8RAAAAAFSYmz8ZAAAAgOtR2D8hAA0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tPYFgAEBigEDVVNEkgUG8EmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8OUvYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgOyAwrMAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTgxMTA1MGU5LTViZTEtNDE1ZC1hOWMzLTVjZWQ5ZmI3YjQyZSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1WNSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTgxMTA1MGU5LTViZTEtNDE1ZC1hOWMzLTVjZRlsuHJ0eXBlPW51cmwmdGFnSWQ9NzMzODAxMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkAgF9mcF9hYl9jZXZwciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0RuFBSSUNFfRIFMTIwODUaEzUzNTA4ODMzNjkzNjUzMzE1MDAiCTM4MTg0NjcxNCoEIWmAOjRVMlZoY21Ob1FXUWpOekkxTmpjNE5ERXdOakEzT0RVDRTwUmd3TkRjNU9EVTNNRFE9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERYJUiAUBmAUAoAXex4iv9r2m7VLABQDJBUG9GAAA8D_SBQlF7QEBcNgFAeAFAfAFwoYc-gUECAAQAJAGAJgGALgGAMEGASEBMSTQBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7T2BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=1f5d706daf4d931ae82b3d5f16a14570eadd4d35&pp=ZTClnAALubUHg4c1AAhP8IviErA1i02XjBDKdg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGw82nKUwZbXzLrWOjuwP8J-hyArS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqAMByAMCqgToAU_QxRSOLQGJeuE5djM8LBjQ0YDpKdPCjmytF6NckkNtj6dMliO9iIcfT-S4AVfrYg7UgzmMa22Crnf_mADCG9OF5rWqSGGzOjbBdwYBpwjO38QjDzRKkbVaAjlIgcxTSnkykRVwljNeExoXLbNwjC1Q0i8sX725hi2HbUrS0avtMEIACyFGkCECmRgg7Yh4VEq_qTS2-MkWYH7pRs7Ix5Ix5-dohKkP-E9YkG5tKjAkfYUpyl7_7KRhB7au2CSIQwMFbMT_dR0gahy0sMSF8kJoN_r84hDKaydGynYqDCggRK2b4Qz2kMGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3xBsisn-H5-BgNa-97kq3hY8JjSQ%26client%3Dca-pub-7139769428607423%26adurl%3D&cbvp=2

Requested by

Host: sqworl.com
URL: http://sqworl.com/bevbfc

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:22 GMT
an-x-request-uuid: a2b187de-e0d6-4006-8698-7b9b55fb3968
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 72DC 0
558 B 34ms
34ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QKpB-ipAwAAAwDWAAUBCJzLwqkGEMmGztG-mvKmYBgAKjYJRL2gMHaOkT8RlrdouaAHkT8ZAAAAgOtR2D8hlg0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4wfYFgAEBigEDVVNEkgUG8EmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8N4vYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgOqAwrAAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTUzZmQxNTRjLWE0ZDEtNDBiNi04OTY5LTNlOTYxZDU3N2RiMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NTNmZDE1NGMtYTRkMS00VnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzMzODAxMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8ENfdmNxcml2cHImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2OTM5NDIzNDEzMzQwNzAxNTEzIgkzODE4NDY3MTQqBCFd8N46OFUyVmhjbU5vUVdRak56RTRNVEl3T1RBek1EUXhNVEFqTWpNeU16WXhNVFkyTnpFeU5EZ3pOUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZPt-8zAy6KBIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZHZRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfB9gXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a6dd3bbcaa53f82a215261a143672c095be022db&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=7136621241961595231&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7338011&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:23 GMT
an-x-request-uuid: b9f4dd3f-278c-47e9-a56f-a2f5b9f2c48d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 72DC
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=59527cdf-74c0-48ad-9e42-0fdf32926a40&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=53fd154c-a4d1-40b6...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bbd7043ecd1f4e1fa2bb38dac18d32bf&tids=15000&med=10

0
243 B

50ms
50ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bbd7043ecd1f4e1fa2bb38dac18d32bf&tids=15000&med=10
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 29C6C45AD80F40B2923CB89EC16BC88E Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 19 Oct 2023 03:42:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA0F0FB1735248228D23C97BB651BA3D Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=bbd7043ecd1f4e1fa2bb38dac18d32bf&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72DC 42 B
64 B 105ms
60ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrZf-49UY2PcIxomPJzYxk5ultNdmEOsVjSWr8wLMLWncw4M6SZjSKjyGiRYrvasZlpKBLoXZIRpVswoJ6J_YlmZlAlRZ_jLRhdNIWxG6_HJaL5MD7ww&sig=Cg0ArKJSzIZsBlL9yi8NEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1697686941545&rpt=617&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 336E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d5b32a9-6f36-4c58-82a7-9dffa6fb482b&bidId=1&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=811050e9-5be1-415d-a9c3...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9dd902ce5f624733a8619488d63febb5&tids=1&med=10

0
183 B

146ms
146ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9dd902ce5f624733a8619488d63febb5&tids=1&med=10
Requested by: Host: sqworl.com
URL: http://sqworl.com/bevbfc
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10E1D27A521043F48E57330E5CBDF449 Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 19 Oct 2023 03:42:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDC952AC16044786A8859603DF39C912 Ref B: ZRHEDGE0713 Ref C: 2023-10-19T03:42:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9dd902ce5f624733a8619488d63febb5&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 142
expires: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 336E 0
557 B 33ms
33ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsqworl.com%2Fbevbfc&e=wqT_3QKxB-ixAwAAAwDWAAUBCJzLwqkGEKy8w4ywgoqhShgAKjYJAAAAANBynD8RAAAAAFSYmz8ZAAAAgOtR2D8hAA0SACkRJNAxAAAAoJmZqT8wm_C_Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4tPYFgAEBigEDVVNEkgUG8EmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc3F3b3JsLmNvbdgC8AbgAqKoMeoCGGh0dHA6Ly9zcXdvcgUd8OUvYmV2YmZjgAMAiAMBkAMAmAMJoAMBqgOyAwrMAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTgxMTA1MGU5LTViZTEtNDE1ZC1hOWMzLTVjZWQ5ZmI3YjQyZSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1WNSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTgxMTA1MGU5LTViZTEtNDE1ZC1hOWMzLTVjZRlsuHJ0eXBlPW51cmwmdGFnSWQ9NzMzODAxMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkAgF9mcF9hYl9jZXZwciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0RuFBSSUNFfRIFMTIwODUaEzUzNTA4ODMzNjkzNjUzMzE1MDAiCTM4MTg0NjcxNCoEIWmAOjRVMlZoY21Ob1FXUWpOekkxTmpjNE5ERXdOakEzT0RVDRTwUmd3TkRjNU9EVTNNRFE9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERYJUiAUBmAUAoAXex4iv9r2m7VLABQDJBUG9GAAA8D_SBQlF7QEBcNgFAeAFAfAFwoYc-gUECAAQAJAGAJgGALgGAMEGASEBMSTQBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7T2BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=1f5d706daf4d931ae82b3d5f16a14570eadd4d35&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=7136621241961595231&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7338011&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:23 GMT
an-x-request-uuid: 08efa820-8e5a-4e05-a3b2-7cab06cc6e34
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.134; 195.206.105.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 336E 42 B
64 B 77ms
61ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsqxsyZmpcha0utsI7af86MrmYfM508bxAsiZgMZXG-f2ECZge2kWTiulARDqN1zbLlycyj5EBygcZM_DEpLA33Z2kwZVGSCbr2DNSauHX77J78aQYaA&sig=Cg0ArKJSzA-dSjJ3qvVGEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1697686941572&rpt=650&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 03:42:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image.thum.io
URL: https://image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://cryptovcnews.com/

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sqworl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: u7s92tb1kcuh6kdkoikano8i72
.sqworl.com/	1970-01-21 01:10:46	Name: _ga Value: GA1.2.485379849.1697686941
.sqworl.com/	1970-01-20 15:36:13	Name: _gid Value: GA1.2.951810988.1697686941
.sqworl.com/	1970-01-20 15:34:47	Name: _gat Value: 1
.sqworl.com/	1970-01-21 01:10:46	Name: _ga_HVD4KN0Q8F Value: GS1.2.1697686940.1.0.1697686940.60.0.0
.sqworl.com/	1970-01-21 00:56:22	Name: __gads Value: ID=fa05ed06b94962c2:T=1697686940:RT=1697686940:S=ALNI_MZv5jqRcdXVmfXdBf8NcPwZo_wXFA
.sqworl.com/	1970-01-21 00:56:22	Name: __gpi Value: UID=00000c9c66ef710c:T=1697686940:RT=1697686940:S=ALNI_MalKpXnFwZlqmuo1CHRK0oDF5BIng
sqworl.com/	1970-01-21 00:20:22	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dfe1bc341-6485-496a-b2c5-610b6b5b618a-tuctc2a2b1c
.bing.com/	1970-01-21 00:56:22	Name: MUID Value: 3146407A5C106EC301C353D55DE16FFB
.doubleclick.net/	1970-01-21 01:10:46	Name: IDE Value: AHWqTUmIL0UnUc39HcwMvSUdvytOfczISxMHVR_Mph90R1mPjy01ltGVXEod6FC9Wyc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs-simple.com
adsdk.microsoft.com
ajax.googleapis.com
ams3-ib.adnxs.com
assets.pinterest.com
cdn.adnxs.com
cdn.iubenda.com
cdn.taboola.com
ch-trc-events.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.clean.gg
image.thum.io
log.pinterest.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
r.skimresources.com
region1.analytics.google.com
s.skimresources.com
sqworl.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
tpc.googlesyndication.com
trc.taboola.com
www.bing.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.iubenda.com
image.thum.io
104.236.103.127
104.244.42.72
141.226.124.48
151.101.129.44
151.101.192.84
151.101.65.44
151.139.128.10
184.30.16.183
185.89.210.153
2001:4860:4802:34::36
23.32.184.180
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:803::2004
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0d::9a
2a02:2638:3::c
2a02:26f0:f700:3ae::1931
2a03:2880:f083:9:face:b00c:0:3
34.95.69.49
35.190.59.101
35.190.91.160
35.201.67.47
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a
06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765
0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb
0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525
14b27f6996322cc01899e1645fe0d308e474faab17f1936e1340753110d40eb9
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
22da01693f4a80c11dbf4f02d3ecc9a0f0cf9a000f7d72ff0b40e475f4fa0eec
24a2ae774bca5bcc1b9be63b0f8705ca63633addafce79d36b91e555de9428a4
296021c91b01be4129994cf73621317625b7a80eaf234241408fa85cb5c54902
2c22d79d6e02d0f287c726a6c8362cb80515cf0d41b91debc60af4af8f5b6071
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
309fb13dece4da6dea4f975a8c6001b1f51a80a89627e06c19e48b4570954a92
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645
391ed7fdd4c750339b71eac3793090c83107cc82910946be5170cada2292d4f7
3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4549e861ca98ad23d42db01df6d4b561916a0b26fdc46d5aecfb4436657945f0
46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952
6cfa2c92257a4febe36c0560653119945fbd651fbd10dd53a09c7dce15292f7e
6f38b00d052cf65bb655d6daea0f410f6064032c5d3c845a8002a74700fb63d2
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
73b4424d2202e9f35bc51ef07a84e4f2ca17e5c73fb20a25869eb92ae379e2b3
7c1058789e36a197801e4fb6efcbe840449c833c8a4c9032e32fb95400604783
835eb4412d4bf9d14ac553674c485f69d35a333445fbcf2f51e5532385bc1b39
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
8f36d1e205ec3767ffcb0e2ef815778250e898a9f0003afe1f929e95f7ed38bd
92fb9b590919024ec4791c7a9a106e345b445ed128de7d7122bd4ccaf01d4690
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9c96c896d339ecd2412561b1cc04a750ddbb798fe446c7d9c7fa1f44cbec81ee
a53a997b031dbf94ed7fc24aa1f1335fd924b158223c5a1b690e9b25ced61e3c
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
babaaa81145b4526fa24c3e7390463fb37e7ecb5b68a7239c101d12918268333
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28
d0486480b2ffef4f8abc0aa6f71ce276f161398779ea235634bd17604db7fdd6
d441a018afcac4d52e439ae9319f47741db1d5f69802f4aaaabd3b408289f9db
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e572c76b59c25a3b8590da803e55ac06d6e86d87069358d8cdfc329f238b57b2
e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f
eb69e419979168de31fa0115525057ebc38105d2acfe9b109ff1982bc6ba47dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fc9889b74b27f551f0af6bd389805c92cf371e2a9b881bf2cdc8e801b921187d
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

sqworl.com Open in urlscan Pro 104.236.103.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

67 %HTTPS

61 %IPv6

24 Domains

37 Subdomains

37 IPs

5 Countries

1352 kBTransfer

4250 kBSize

10 Cookies

3 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sqworl.com Open in urlscan Pro
104.236.103.127 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

67 %
HTTPS

61 %
IPv6

24
Domains

37
Subdomains

37
IPs

5
Countries

1352 kB
Transfer

4250 kB
Size

10
Cookies

93 HTTP transactions
4 data transactions