Submitted URL: http://fivesjs.com/
Effective URL: https://fivesjs.skipser.com/
Submission: On January 14 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 68 HTTP transactions. The main IP is 167.172.216.90, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fivesjs.skipser.com.
TLS certificate: Issued by R3 on January 5th 2022. Valid for: 3 months.
This is the only time fivesjs.skipser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
329 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
static.doubleclick.net — Cisco Umbrella Rank: 341
287 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 546
syndication.twitter.com — Cisco Umbrella Rank: 767
148 KB
5 skipser.com
fivesjs.skipser.com
145 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
14 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 658
137 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
75 KB
2 gstatic.com
fonts.gstatic.com
53 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
82 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8579
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 745
645 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
350 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
62 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 541
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
37 KB
1 fivesjs.com
fivesjs.com — Cisco Umbrella Rank: 418163
203 B
68 18
Domain Requested by
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com fivesjs.skipser.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 fivesjs.skipser.com fivesjs.skipser.com
4 platform.twitter.com fivesjs.skipser.com
platform.twitter.com
3 www.google.com 2 redirects tpc.googlesyndication.com
3 static.doubleclick.net googleads.g.doubleclick.net
3 www.facebook.com fivesjs.skipser.com
connect.facebook.net
2 static.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
fivesjs.skipser.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com fivesjs.skipser.com
2 connect.facebook.net fivesjs.skipser.com
connect.facebook.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com fivesjs.skipser.com
1 code.jquery.com fivesjs.skipser.com
1 cdnjs.cloudflare.com fivesjs.skipser.com
1 fivesjs.com 1 redirects
68 22

This site contains no links.

Subject Issuer Validity Valid
fivesjs.skipser.com
R3
2022-01-05 -
2022-04-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-23 -
2022-01-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-06 -
2023-01-05
a year crt.sh

This page contains 14 frames:

Primary Page: https://fivesjs.skipser.com/
Frame ID: 3D438F310F07D1AF2B9ABD577BD4D1E1
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 393BA2EBF94ACC29F218D2919B66FDB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&adk=1812271804&adf=3025194257&lmt=1641844749&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549360&bpp=2&bdt=270&idt=120&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338978810331&frm=20&pv=2&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=139
Frame ID: 60692B123EC022106C6AEF233CC58850
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Frame ID: 89017B8A66CA86570F1828F9A150F187
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Frame ID: 50B7A4C6AC4F5AAFD4B010E7D2F0FF0E
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Ffivesjs.skipser.com
Frame ID: EB96782ACFEC05584643E754468B5590
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb533d7d4f4c2%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff252d7ecf675708%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: C240906B97F9ABAC3B99077A586843F8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E37C6EB3FF9D7612321D5C276ACEBFF1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 396EBFDEA0C09371CBA91D3ABB04E361
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.e37c957bd3ae00473b95800b99e19cff.en.html
Frame ID: EBB609F10EA84FECCA4B7494A604ECAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 9C264581FB53E63C4B8B7037998F5A86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 6158BF997E33718F6727ACFCB0478C27
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F21B4EB0C7AC9D3DF09FE834133B1716
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CB75D45339192BDB09A97113824E28BC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Fives JS

Page URL History Show full URLs

  1. http://fivesjs.com/ HTTP 301
    https://fivesjs.skipser.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

100 %
HTTPS

85 %
IPv6

18
Domains

22
Subdomains

21
IPs

4
Countries

1403 kB
Transfer

8734 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fivesjs.com/ HTTP 301
    https://fivesjs.skipser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 55
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fivesjs.skipser.com/
Redirect Chain
  • http://fivesjs.com/
  • https://fivesjs.skipser.com/
10 KB
5 KB
Document
General
Full URL
https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.172.216.90 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.21.4 / Express
Resource Hash
3135313860854a56e5a53c9d115c4d9d577af08aa30b5bfd1e9f4fe9896a5aee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.21.4
Date
Fri, 14 Jan 2022 07:49:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
Cache-Control
public, max-age=0
Last-Modified
Mon, 10 Jan 2022 19:59:09 GMT
ETag
W/"2861-17e4592b32d"
Content-Encoding
gzip

Redirect headers

Server
nginx/1.21.4
Date
Fri, 14 Jan 2022 07:49:07 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://fivesjs.skipser.com/
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.4/
192 KB
37 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.4/html2canvas.min.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba893425305488e76a3dae637e7d078a8005b9c53d66131cb428f2120cfa0336
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
934719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37253
timing-allow-origin
*
last-modified
Wed, 29 Dec 2021 19:35:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61ccb892-9185"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyGmYLXH%2Fg7kPjPWGGzFVufc2PJZAwD9QO1l1umGHPYDwPY9sYwupxTl372wTZhOSmAPnqMjm7woxOIsoq9q5dfQInZVH5HDW4u0i2%2FexqeQXKG3C1BmfFBEKXYx%2B40llnQeC%2Btvd8jE%2BmdVFv6Qgs%2Bu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cd5441c2acd4e97-FRA
expires
Wed, 04 Jan 2023 07:49:09 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1642146549.dop131.fr8.t,1642146549.cds260.fr8.hn,1642146549.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
js
www.googletagmanager.com/gtag/
165 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BN0GL614BJ
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83cf5e020fa3867d921d3d73a2ab111e9f15286d1df4079b22397749f1548c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62537
x-xss-protection
0
expires
Fri, 14 Jan 2022 07:49:09 GMT
d0382347ec689e383c06.js
fivesjs.skipser.com/
135 KB
135 KB
Script
General
Full URL
https://fivesjs.skipser.com/d0382347ec689e383c06.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.172.216.90 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.21.4 / Express
Resource Hash
771735ecbf00f65d0f6180dbae962bfcd30d6df39c8292429f3f64596a6c8b82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 07:49:09 GMT
Last-Modified
Mon, 10 Jan 2022 19:59:09 GMT
Server
nginx/1.21.4
X-Powered-By
Express
ETag
W/"21b31-17e4592b32d"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
138033
d0382347ec689e383c06.css
fivesjs.skipser.com/
4 KB
4 KB
Stylesheet
General
Full URL
https://fivesjs.skipser.com/d0382347ec689e383c06.css
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.172.216.90 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.21.4 / Express
Resource Hash
7f72ebbcb382be0ff7303ca580cada6af40facdcc4f30033952551cbc3b6ae0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 07:49:09 GMT
Last-Modified
Mon, 10 Jan 2022 19:59:09 GMT
Server
nginx/1.21.4
X-Powered-By
Express
ETag
W/"f3a-17e4592b32d"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3898
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 07:49:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
672
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29153
x-tw-cdn
VZ
Last-Modified
Tue, 11 Jan 2022 20:08:29 GMT
Server
ECS (frb/6725)
Etag
"b607db789ce85f01d2c97329a89acfde+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5289321941597511
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba9af5eab3ce353b161b859e256fbdf5ef5b8978acf39bcb7f38ccaef83b649b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51992
x-xss-protection
0
server
cafe
etag
870073677462486430
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Jan 2022 07:49:09 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4244f4a63a1b306e776f9dbfdaca5582449fe2433a0315a2549aae9419731f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2mjO0OPDJwXkPGIUkZyrHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
UeWE9HNAUYqO3NwbudiZtPyN0t6MnWA9wdYY2JCBSosqMR7ySy0LEdgQb2m7+ACCPjtaR2LToTvppcYxKvTwFQ==
x-fb-trip-id
686109401
x-fb-content-md5
ef2fe04fe5d23d800ba96f72d6a484f8
x-frame-options
DENY
date
Fri, 14 Jan 2022 07:49:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f1c52ea61ba001bb9557ad18156e97f6"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Jan 2022 07:54:17 GMT
truncated
/
566 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ca7c6fba3ad150eb5a978fec7a31c496d31fc77fd01d146602227099ca4e5c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
645 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29d5360d9bf6371345b34c851c425f0f7806c1d48aec3cd553fae1f103772bc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,700
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/d0382347ec689e383c06.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8df37a8152b41a91698e42673ffbdbc4d0b9ded01d96c0f2a7c6d90afe19c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 05:51:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 07:49:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 07:49:09 GMT
css2
fonts.googleapis.com/
1 KB
498 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=VT323&display=swap
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/d0382347ec689e383c06.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40fe7b1a11974acef2e14a572fd0070d363f0b6fd5d29acfc2a06d6d2f0e7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 07:49:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 07:49:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 07:49:09 GMT
collect
www.google-analytics.com/g/
0
350 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BN0GL614BJ&gtm=2oe1c0&_p=320512616&sr=1600x1200&ul=en-us&cid=900934071.1642146549&_s=1&dl=https%3A%2F%2Ffivesjs.skipser.com%2F&dt=Fives%20JS&sid=1642146549&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BN0GL614BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fivesjs.skipser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 07:49:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fivesjs.skipser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/
282 KB
101 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5289321941597511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1cb69ec86bd33b94a22e035197e624c229073421bb6084e7a3c7c56d911ca24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103759
x-xss-protection
0
server
cafe
etag
12930138881250371498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 14 Jan 2022 07:49:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 393B
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5289321941597511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Fri, 14 Jan 2022 02:05:13 GMT
expires
Fri, 28 Jan 2022 02:05:13 GMT
cache-control
public, max-age=1209600
age
20636
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v20/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v20/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f13665e8ba61f667b58de7b04ac6e7bcb8f2095933fa301675fc0abc5bae66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fivesjs.skipser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 12:33:42 GMT
x-content-type-options
nosniff
age
501327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35928
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 20:53:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 08 Jan 2023 12:33:42 GMT
pxiKyp0ihIEF2isfFJU.woff2
fonts.gstatic.com/s/vt323/v15/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vt323/v15/pxiKyp0ihIEF2isfFJU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=VT323&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fivesjs.skipser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 12:54:52 GMT
x-content-type-options
nosniff
age
68057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17668
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:00:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 13 Jan 2023 12:54:52 GMT
e292088e6a94ab7a9ce0.mp3
fivesjs.skipser.com/
5 MB
0
Media
General
Full URL
https://fivesjs.skipser.com/e292088e6a94ab7a9ce0.mp3
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.172.216.90 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.21.4 / Express
Resource Hash

Request headers

Referer
https://fivesjs.skipser.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 14 Jan 2022 07:49:09 GMT
Last-Modified
Mon, 10 Jan 2022 19:59:09 GMT
Server
nginx/1.21.4
X-Powered-By
Express
ETag
W/"d0b6e3-17e4592b32d"
Content-Type
audio/mpeg
Content-Range
bytes 0-13678306/13678307
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13678307
sdk.js
connect.facebook.net/en_US/
285 KB
80 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1e9e6079fa0960d5be461ccf63b9f9a5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c4ba38aeff5d31534c864990fa9e28ae97eb1a7769e8b6d6bc7b9174bffc4a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bg5rDhvrTgeumSfMOFXnWw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 14 Jan 2023 06:43:53 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82071
x-fb-rlafr
0
x-fb-debug
hJ8j3J0WxCVOBlk9yy9UvZPxkuEi8/l7BpBQjc/IuyjiwrzeQuBKWStKf2+6UK5r6Sgy8S7bblUjAPaPwsDekw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
548035426a4e352e3007f75fe2933b57
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 07:49:09 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2e0ebe63b937909184e4f9ef003a6df5"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cookie.js
partner.googleadservices.com/gampad/
215 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fivesjs.skipser.com&callback=_gfp_s_&client=ca-pub-5289321941597511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c63cf85efcb6bf979174d0348a3aff68c05d8c0b620aad0faac695007a3ed9c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fivesjs.skipser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fivesjs.skipser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6069
2 KB
468 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&adk=1812271804&adf=3025194257&lmt=1641844749&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549360&bpp=2&bdt=270&idt=120&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338978810331&frm=20&pv=2&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=139
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8de79209eea8fb1f201020bffbbe81229a10ca318ee95707fe939155d7aeacca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 14 Jan 2022 07:49:09 GMT
server
cafe
content-length
445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 14 Jan 2022 07:49:09 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8901
71 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e91a19ba256bf351ac5c659fbe559828708bad82c13ccb3fb53d92723a8535ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 14 Jan 2022 07:49:10 GMT
server
cafe
content-length
27876
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 14 Jan 2022 07:49:10 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 50B7
95 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555021899a6e85026ba5989314cd404f7cef833b378685201500a47b637f19ee
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN-Nhc7gsPUCFU06GwodcjQB1g&gqi=9SrhYb7kILGe9u8P_fuqyAg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN-Nhc7gsPUCFU06GwodcjQB1g&gqi=9SrhYb7kILGe9u8P_fuqyAg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 14 Jan 2022 07:49:09 GMT
server
cafe
content-length
31003
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 14 Jan 2022 07:49:09 GMT
cache-control
private
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=644661793233564&ev=fb_page_view&dl=https%3A%2F%2Ffivesjs.skipser.com%2F&rl=&if=false&ts=1642146549519&sw=1600&sh=1200&at=
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 14 Jan 2022 07:49:09 GMT
ssrh.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 50B7
84 KB
30 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 18:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30063
x-xss-protection
0
server
cafe
etag
16132151104434394549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:01:11 GMT
highscores.json
fivesjs.skipser.com/cache/
152 B
473 B
XHR
General
Full URL
https://fivesjs.skipser.com/cache/highscores.json
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/d0382347ec689e383c06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
167.172.216.90 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.21.4 / Express
Resource Hash
6c852a83c8a9ec9156d7b875630eada7ca9ae0311dbbc4d65c8e28ed72ad3192

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fivesjs.skipser.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 07:49:09 GMT
Last-Modified
Thu, 13 Jan 2022 16:37:56 GMT
Server
nginx/1.21.4
X-Powered-By
Express
ETag
W/"98-17e544d8f3d"
Content-Type
application/json; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
152
widget_iframe.e37c957bd3ae00473b95800b99e19cff.html
platform.twitter.com/widgets/ Frame EB96
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Ffivesjs.skipser.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
125241
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jan 2022 07:49:09 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Tue, 11 Jan 2022 20:06:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BD)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
share_button.php
www.facebook.com/v12.0/plugins/ Frame C240
42 KB
13 KB
Document
General
Full URL
https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb533d7d4f4c2%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff252d7ecf675708%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1e9e6079fa0960d5be461ccf63b9f9a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e60e6b2df83065b926230af64c4277b4eab928bd88829c667fc0731cb89e5c9f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v12.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
QudzM1etCf2OpIZ+s5rEt5S91tJMuhSylvMfvyNpQ8i0EUPe3sHS1lbZvTcGTOsK9NIHPXW9K7vd+PsAxkGoOA==
date
Fri, 14 Jan 2022 07:49:10 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 50B7
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 07:41:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 50B7
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 07:48:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50B7
121 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 07:49:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 50B7
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 07:45:52 GMT
1085846715528804870_7424922387161151425.jpeg
static.doubleclick.net/dynamic/5/274663897/ Frame 50B7
22 KB
22 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/274663897/1085846715528804870_7424922387161151425.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14030a1b27fd30ae5344abce47a47a282ca010fa3fc1f77f287fb779b1736de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:29:32 GMT
x-content-type-options
nosniff
age
235177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22242
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 14:29:32 GMT
1565901009854677879_4324114946583544224.jpeg
static.doubleclick.net/dynamic/5/274663897/ Frame 50B7
28 KB
29 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/274663897/1565901009854677879_4324114946583544224.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
987dc4ae427bb0ae73d346447cf3798f2f9f1440c38124d3bd340d957a38ed33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 18:07:47 GMT
x-content-type-options
nosniff
age
135682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28791
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 18:07:47 GMT
2283658488796960916_10025026485790454130.png
static.doubleclick.net/dynamic/5/274663897/ Frame 50B7
172 KB
173 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/274663897/2283658488796960916_10025026485790454130.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37a59f6ff4e6da04a5d49178ad718ec34f637425c1774a9bee2b98541dae949b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:43:35 GMT
x-content-type-options
nosniff
age
583534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176448
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 13:43:35 GMT
9313354370292274773
tpc.googlesyndication.com/simgad/ Frame 50B7
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9313354370292274773
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d692a3c61bb1a2138c9c3c6ab491306b5e905cc5794251fee3f23e913adafcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 18:09:10 GMT
x-content-type-options
nosniff
age
135599
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11589
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 19:30:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 18:09:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 50B7
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CctYZ9SrhYZ-_Ic30bPLohLANmNLq2mXMt729_gz6zK3qkw4QASDvqO6LAWCN8tIDoAGR64PLA8gBCakCDwbsThxlaj6oAwHIA8sEqgTYAU_Ql_u-wGa8u_w8zy7A3lsq2-F64-RH-goiz7FnTnznA_LgX3JQckd0I8rmJh5oHNKmM9gEPgT3B97Oms37DHraTxUb_B1yoU5p7opS47tr024hilYxyPEmTYixKopYUhiLn65kGKa9mG78D1Jw5Nc3jY2u7NX5uF3Ob1iKgw9jHfBRrfUUzoHCuK31oXVr0_UBl-ZN7fd8Se6lPtv_thL5YUbEVWsZSs1p4VYHblAcj3Nl5FqV4bcAhQF7w-e8Qx2ZCXvMvy-loYyt9bNJQlWLMFxrSmLxW8AE-fyfza4DkgUECAQYAZIFBAgFGASgBi6AB4SQ3jmoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQhO0K0ggHCIBhEAEYH4AKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi01Mjg5MzIxOTQxNTk3NTExGAA&sigh=mLgQFcvUmNY&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 14 Jan 2022 07:49:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 14 Jan 2022 07:49:09 GMT
settings
syndication.twitter.com/ Frame EB96
232 B
448 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=b018ade1efdebaa349cde3faf4b844930c79ed0c
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Ffivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
104
date
Fri, 14 Jan 2022 07:49:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 07:49:10 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
1f8747c268aebbfe6016abe9b79e978e7870bf284ff422751684a553f8c0337e
content-length
166
s
googleads.g.doubleclick.net/pagead/drt/ Frame E37C
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 14 Jan 2022 07:02:37 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E37C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 14 Jan 2022 07:49:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 14 Jan 2022 07:49:10 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 14 Jan 2022 07:49:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 50B7
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4894fa8e01a6813e4699170b66b2614b8596dbb9af82b311a40dc27aaa6c4fea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame C240
388 B
977 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb533d7d4f4c2%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff252d7ecf675708%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:10 GMT
x-content-type-options
nosniff
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
388
x-fb-rlafr
0
x-fb-debug
itq4Dgegeg7U1COHVSHRcGAV1A8bj4oRRI+LTXw/8nv7xed40mF7blK8DQe7wOTZ9v+8MMwPIi3l8GRbOQfm2g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 06 Jan 2023 21:55:36 GMT
yeDV_yBDjcV.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/ Frame C240
518 KB
136 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/yeDV_yBDjcV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb533d7d4f4c2%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff252d7ecf675708%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50e73b9f587cd1bf6fbe917157bdce177fb178ceaba7231ed433394a8e2bffbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dVkFVvKRO2+iaAFL3ep6NQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
138557
x-fb-rlafr
0
x-fb-debug
s43zUBG00gZ6vEHPP1EcfFnKElrvlKxOgxsSkIH6qhmr6ZRJOaYQuhhkymAR3pcgNrUYgo++8iupQuOJ69uMTw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 12 Jan 2023 18:57:08 GMT
7741719778825261331
tpc.googlesyndication.com/simgad/ Frame 8901
34 KB
34 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7741719778825261331
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5c04b1f8f3657c9b306244a86866944a47391653fc4bd4501e44bca93caba3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 18:23:52 GMT
x-content-type-options
nosniff
age
307518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34667
x-xss-protection
0
last-modified
Mon, 06 Mar 2017 19:20:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 18:23:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 8901
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 07:41:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8901
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 07:48:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8901
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 07:49:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8901
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 07:45:52 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8901
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 00:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jan 2022 00:10:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8901
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgVWg9SrhYYbJIYSI9fgP9bWUwALI7JrnXczN37GaBZqUm6roDhABIO-o7osBYI3y0gOgAdPxpuQDyAEDqAMByAPJBKoEzQFP0MQxN3ylxm9iDvjn5v-fUSMj8bpGnS_ESETDZQHkJnIMkHhJQz4AZGE_c0xj3Kn_2AWjpzGMJMZdCueHRS3eeOHPUxOKzPVoGPS7qyI8ruVCF0VUoPN9a4Pc8Bu0TX0wlvpXgbuPpJzSdU4-t9q4R_UTsWbs1QlSIsZne9cmvi7eXxjayODBMwh1tYhVL8v1LBuh126rtC39Fs9GK1ngbj8bj6AISZv6N8LFzzBRTU4UiVeqgFmV-EuU9iHO3cf9IzojXebvBmf3rjIPwASDuqfosAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AHlY7ZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOS2BdIIBwiAYRABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTI4OTMyMTk0MTU5NzUxMRgA&sigh=cgp-IomY0z0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 14 Jan 2022 07:49:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 396E
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 14 Jan 2022 07:02:37 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2793
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 07:49:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:06:46 GMT
Server
ECS (frb/6725)
Age
125243
Etag
"0fe442c8a1482a5540ef9bb91b588585+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2293
tweet_button.e37c957bd3ae00473b95800b99e19cff.en.html
platform.twitter.com/widgets/ Frame EBB6
32 KB
12 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.e37c957bd3ae00473b95800b99e19cff.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
fa3255105a4fae106e297575357e8283cfc30686d8c474c7b05175ec817e45f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
125243
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jan 2022 07:49:10 GMT
Etag
"9caba3159cfc3fd6efdfa3c3f828214e+gzip"
Last-Modified
Tue, 11 Jan 2022 20:06:50 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12236
si
googleads.g.doubleclick.net/pagead/drt/ Frame 396E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 14 Jan 2022 07:49:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 14 Jan 2022 07:49:10 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 14 Jan 2022 07:49:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8901
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d8491634142319f94aca2a600857f52fa2ae3c3bc09664d39e3a3bd4fbb1831

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 9C26
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549389&bpp=2&bdt=299&idt=126&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xFdrg4VrHb&p=https%3A//fivesjs.skipser.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
557033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 21:05:17 GMT
truncated
/ Frame EBB6
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
cavalry_endpoint.php
www.facebook.com/common/ Frame C240
67 B
99 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1642146550095&t_start=1642146550095&t_domcontent=1642146550109&t_layout=1642146550261&t_onload=1642146550261&t_paint=1642146550261&t_creport=1642146550261&t_tti=1642146550109&lid=7052965724094649292-0
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb533d7d4f4c2%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff252d7ecf675708%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
yFKOkarYFO84y6If5w6eK3abrfItEidMFUGxK3Fk6eVLdmvxZEyLXZ+Cha2/SL/oY8ZA2k50utGJQ+SBeI1emQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 14 Jan 2022 07:49:10 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 6158
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1641844749&psa=0&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642146549386&bpp=3&bdt=296&idt=117&shv=r20220112&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338978810331&frm=20&pv=1&ga_vid=900934071.1642146549&ga_sid=1642146549&ga_hid=320512616&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063894&oid=2&pvsid=4253407429959894&pem=575&tmod=286&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zqciczt6p6&p=https%3A//fivesjs.skipser.com&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
557033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 21:05:17 GMT
jot
syndication.twitter.com/i/
43 B
356 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ffivesjs.skipser.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Skipser%22%2C%22widget_creator_screen_name%22%3A%22Skipser%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1642146550434%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2286e9194f%3A1641882287124%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Fri, 14 Jan 2022 07:49:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1f8747c268aebbfe6016abe9b79e978e7870bf284ff422751684a553f8c0337e
x-transaction
aac9b506cd144a24
expires
Tue, 31 Mar 1981 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96ebc383017bc5f57029e6f474f2f65dfba3feddea923064405e780cbba2e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 07:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8633
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 07:49:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F21B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 14 Jan 2022 07:22:22 GMT
expires
Sat, 14 Jan 2023 07:22:22 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CB75
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62fe35f910a879e82fb14f7cb3badb46b279a6b01f9cfc15203c3793b27f5738
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AHdEknzImj3ggPkp4TLRUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 14 Jan 2022 07:49:10 GMT
date
Fri, 14 Jan 2022 07:49:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AHdEknzImj3ggPkp4TLRUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame F21B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
557034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 21:05:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CB75
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=4253407429959894&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F21B
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1E6cYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:49:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=4253407429959894&bg=!2Nul25_NAAaocxMpqHM7ACkAdvg8WpYt5z9uSFFF2Sef6xRjYqZtD0hvXFP5i5Wk1oHA6lzHqUxbAgIAAABAUgAAAANoAQcKALYl1IyQNbS1K0Ryxj3MdKAHXtCHcO4HN7Z5FOFk0VwLkxeQd9_3SDfR1EkqtJKHD_sH7lryjOYH1D9cSSShxlr5PiWCkzlKLyD18YNDOrEjyfFdPVFYLcSblHZ_SWLNmZksgM2Ww_CI17BfsniInu9QAUpPUIlY5WMlTRKots_wAqcet7MSLOmpgt6tx_cHnT44QqQTRDnXCP7LXL803tqSMMBdpP39mSnxFSzwUIjmrl1KP6QmjZkCoE_BifB7q6CWfuolxh6nwByHcJTbaCs2bKlXJ3GhofDvbXtlRw7wIlKZmRpuDqQ-XpRM3a3CpT9Pf3vYpEnG7rdK5Kefso2VohSvRxzgb_pNGVfJbodVmDQAiaT5EoEd20F_7QPPdGgwUvwcGDJb31g37y1_s9dzAeIEwqN5RigSjrKQlzwZfk4xwEGMulSlNFN8NIMOeqWz0Fwy18wWR63n5srB4BbiPCPfjOJnGIBFsyy9b82uz71s0ZF7ktKToAbVXYtA3WuDfyf6cl56P8QKMHc7mIiBiIgkp-kZRH9YGBQJqE7OKtpDHY3VL0FSzUYZHsbjyRPxtzPDt-TiPH4ohgzEZjXc19h9UR0bnQQrzY6YxOSJqBpvVqg9Hl2iqvzu5u1SsGrUXki7M21A1Arv7-uTEhavhsGfFZqNLJLEv4VcrDkGQJq1vxRDSaUE4INwGaCCM3lZ9dp9BDV1EEen72PhTyu3_3YWzlNiu5YC33IhSnCsYxfMpDdu7OBgsaM44H3Qap7o0qNex_N-Cgs6WWYnsleqF5n4kYsx4w8Xb2k1ZOaRSPbX5KoYt9hg06yf4_cTSgpszw_KFt2T_JoytKN2SwhdEpT25qhsGTGrqSQ_-3MnTiasQmg-U7G6s4zdOeekkugj9esWnEf4NUwn79uN5I5aVTThpjP-tUm6kBTrmkMCflbZbopUpdeOhmgZ0EmTK7u18EKhtcAdkJNs5438OFmBSSvLE1tdba9jKqCDFR05aQ6fbB101bM7LQ1wajbV2dCKyZ60S9WKi1G3G44_pboRwrIsrjriE6kf71PM0_fskXsVR8VJOYA3f-3XBmMBmVQkrzjDa7ixDi9FQDzhla1hophjETDw4JIbCCxBpQzCFExk9JQKGSifkw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 07:49:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8901
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0DWP1Cj0E_EbHWWNELDQZROmfaszN24lxC0S2l8CZ1gFxaemg1ML-bHmtUHoRuSOVQfECTncLAKv0E2417xh6s2BEsgULA0wq7oSv1qTcJA13Ktk&sai=AMfl-YSfcN1mzfdFeV82A25ayTeng0BCLPTGml_RUjqZucp3QWafsyOTTfaXQYDw3ivy6yt1emMs3YREzrYD&sig=Cg0ArKJSzE8ZDCTVVo_qEAE&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4037986445&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642146549508&rpt=695&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 07:49:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 50B7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu487rBnITwlKQeXyF3fbU4zdmV7yY7UJ7NWgZF-PFZudkKbwjqun7aiBnewBrl90m0Eu2fl13Aue6IZJM86WKmcUk7NtNh815Qdu6JEsqg6BiBX4&sai=AMfl-YRR-PWHfpPTc61qx1MwGu8B0TddcTP9q06NLCbFuK_KZXxdG_EKJE2acUPUMJ_RBovTSzsF4Xbyue1q&sig=Cg0ArKJSzFsHiLmPP_2REAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=21&adk=262408115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642146549518&rpt=712&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 07:49:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onsecuritypolicyviolation object| onslotchange function| html2canvas function| $ function| jQuery function| gtag object| dataLayer object| __twttrll object| twttr object| __twttr object| google_tag_manager object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_lpabyc function| shareScore function| fbAsyncInit object| FB function| onYouTubeIframeAPIReady function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.skipser.com/ Name: _ga
Value: GA1.1.900934071.1642146549
.skipser.com/ Name: __gads
Value: ID=fc96257693dca5f7-225efbec1fcd0044:T=1642146549:RT=1642146549:S=ALNI_MZORoXSKKqfqchQumFWMyBs4HJOEw
.doubleclick.net/ Name: IDE
Value: AHWqTUkFohjo_Kr1xmXQA9oeUXe6hmMq-Cv5-Z8hjyaWh2yD3IFdUVG80CpKAfpky9I
.doubleclick.net/ Name: DSID
Value: NO_DATA
.skipser.com/ Name: _ga_BN0GL614BJ
Value: GS1.1.1642146549.1.0.1642146550.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fivesjs.com
fivesjs.skipser.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
static.doubleclick.net
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.200
142.250.185.226
167.172.216.90
2001:4de0:ac18::1:a:3b
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:135e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4019:805::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14030a1b27fd30ae5344abce47a47a282ca010fa3fc1f77f287fb779b1736de4
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
29d5360d9bf6371345b34c851c425f0f7806c1d48aec3cd553fae1f103772bc8
2d692a3c61bb1a2138c9c3c6ab491306b5e905cc5794251fee3f23e913adafcd
3135313860854a56e5a53c9d115c4d9d577af08aa30b5bfd1e9f4fe9896a5aee
37a59f6ff4e6da04a5d49178ad718ec34f637425c1774a9bee2b98541dae949b
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
4894fa8e01a6813e4699170b66b2614b8596dbb9af82b311a40dc27aaa6c4fea
50e73b9f587cd1bf6fbe917157bdce177fb178ceaba7231ed433394a8e2bffbf
555021899a6e85026ba5989314cd404f7cef833b378685201500a47b637f19ee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fe35f910a879e82fb14f7cb3badb46b279a6b01f9cfc15203c3793b27f5738
6c852a83c8a9ec9156d7b875630eada7ca9ae0311dbbc4d65c8e28ed72ad3192
6ca7c6fba3ad150eb5a978fec7a31c496d31fc77fd01d146602227099ca4e5c9
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183
771735ecbf00f65d0f6180dbae962bfcd30d6df39c8292429f3f64596a6c8b82
7c4ba38aeff5d31534c864990fa9e28ae97eb1a7769e8b6d6bc7b9174bffc4a4
7f72ebbcb382be0ff7303ca580cada6af40facdcc4f30033952551cbc3b6ae0e
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
83cf5e020fa3867d921d3d73a2ab111e9f15286d1df4079b22397749f1548c61
8de79209eea8fb1f201020bffbbe81229a10ca318ee95707fe939155d7aeacca
96ebc383017bc5f57029e6f474f2f65dfba3feddea923064405e780cbba2e459
987dc4ae427bb0ae73d346447cf3798f2f9f1440c38124d3bd340d957a38ed33
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9d8491634142319f94aca2a600857f52fa2ae3c3bc09664d39e3a3bd4fbb1831
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1cb69ec86bd33b94a22e035197e624c229073421bb6084e7a3c7c56d911ca24
b8df37a8152b41a91698e42673ffbdbc4d0b9ded01d96c0f2a7c6d90afe19c3f
ba893425305488e76a3dae637e7d078a8005b9c53d66131cb428f2120cfa0336
ba9af5eab3ce353b161b859e256fbdf5ef5b8978acf39bcb7f38ccaef83b649b
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c4244f4a63a1b306e776f9dbfdaca5582449fe2433a0315a2549aae9419731f9
c63cf85efcb6bf979174d0348a3aff68c05d8c0b620aad0faac695007a3ed9c6
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
e2f13665e8ba61f667b58de7b04ac6e7bcb8f2095933fa301675fc0abc5bae66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40fe7b1a11974acef2e14a572fd0070d363f0b6fd5d29acfc2a06d6d2f0e7c4
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3
e5c04b1f8f3657c9b306244a86866944a47391653fc4bd4501e44bca93caba3e
e60e6b2df83065b926230af64c4277b4eab928bd88829c667fc0731cb89e5c9f
e91a19ba256bf351ac5c659fbe559828708bad82c13ccb3fb53d92723a8535ff
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fa3255105a4fae106e297575357e8283cfc30686d8c474c7b05175ec817e45f9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e