www.photo.googlecraft.com Open in urlscan Pro
158.177.146.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.photo.googlecraft.com/
Submission Tags: @phishunt_io
Submission: On October 02 via api (October 2nd 2021, 11:05:48 am UTC) from DE — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 158.177.146.243, located in United States and belongs to SOFTLAYER, US. The main domain is www.photo.googlecraft.com.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.

This is the only time www.photo.googlecraft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	158.177.146.243 158.177.146.243	36351 (SOFTLAYER) (SOFTLAYER)
3	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
3	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	104.18.23.52 104.18.23.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	104.21.81.131 104.21.81.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
50	14

5 158.177.146.243 (United States)

ASN36351 (SOFTLAYER, US)
PTR: cloud.digitalhq.co

www.photo.googlecraft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.81.131 (None, )

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f110.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com adservice.google.com fundingchoicesmessages.google.com www.google.com	92 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	205 KB
5	googlecraft.com www.photo.googlecraft.com	61 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	22 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	53 KB
3	googletagmanager.com www.googletagmanager.com	125 KB
2	doubleclick.net googleads.g.doubleclick.net	10 KB
2	cloudflare.com cdnjs.cloudflare.com	11 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	32 KB
1	googleadservices.com partner.googleadservices.com	660 B
50	11

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	www.photo.googlecraft.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	www.photo.googlecraft.com	www.photo.googlecraft.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	maxcdn.bootstrapcdn.com	www.photo.googlecraft.com
3	www.googletagmanager.com	www.photo.googlecraft.com www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ka-f.fontawesome.com	kit.fontawesome.com
2	cdnjs.cloudflare.com	www.photo.googlecraft.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	kit.fontawesome.com	www.photo.googlecraft.com
1	fonts.googleapis.com	www.photo.googlecraft.com
1	ajax.googleapis.com	www.photo.googlecraft.com
50	16

This site contains no links.

Subject Issuer	Validity	Valid
googlecraft.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.photo.googlecraft.com/
Frame ID: BBC03F4CEDCB575D204B4C7B06D00796
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: 0B740498CD2108C4A10950892FA7F3C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3244930404682531&output=html&adk=1812271804&adf=3025194257&lmt=1613290913&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.photo.googlecraft.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633172744183&bpp=3&bdt=198&idt=118&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3153621164864&frm=20&pv=2&ga_vid=8158457.1633172744&ga_sid=1633172744&ga_hid=48309867&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=1027085340917082&pem=725&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=154
Frame ID: 1EE81A9ED153DD30BEDF7A16BCDB739F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9718DAB7279BAC79B53D71863FFC53EB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4541BEE44701CD03C3BE86E0FAC46EED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Resize and compress exam photos, Photo resize for exam, Photo crop and resize for exams

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

14
IPs

2
Countries

631 kB
Transfer

1704 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.photo.googlecraft.com/ 11 KB
12 KB 67ms
13ms Document
text/html 158.177.146.243
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.photo.googlecraft.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.177.146.243 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: cloud.digitalhq.co
Software: nginx/1.21.3 /
Resource Hash: da926f4bf5ae76a65d95a0d180bf9f7103d605a9abe0e0fd9130ce1708db79ca

Request headers

Host: www.photo.googlecraft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.21.3
Date: Sat, 02 Oct 2021 11:05:43 GMT
Content-Type: text/html
Content-Length: 11773
Connection: keep-alive
Last-Modified: Sun, 14 Feb 2021 08:21:53 GMT
Accept-Ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 59ms
34ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L92J30BQX4

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

31fae5a74dc5affbf61f31741d6ab098121c21e1fefb07e95dd742861861e53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49777
x-xss-protection: 0
expires: Sat, 02 Oct 2021 11:05:44 GMT

GET
H/1.1 200
OK cropper.min.css
www.photo.googlecraft.com/dist/css/ 4 KB
4 KB 37ms
37ms Stylesheet
text/css 158.177.146.243
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.photo.googlecraft.com/dist/css/cropper.min.css
Requested by: Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.177.146.243 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: cloud.digitalhq.co
Software: nginx/1.21.3 /
Resource Hash: 6d14545f299db3481e2ebd79027b8c009b048ac7c9ad7911fe87b97d2f910008

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.photo.googlecraft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.photo.googlecraft.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 11:05:44 GMT
Last-Modified: Sun, 07 May 2017 22:23:10 GMT
Server: nginx/1.21.3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3712
Content-Type: text/css

GET
H/1.1 404
Not Found animate.css
www.photo.googlecraft.com/css/ 0
0 59ms
36ms Stylesheet
text/html 158.177.146.243
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.photo.googlecraft.com/css/animate.css
Requested by: Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.177.146.243 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: cloud.digitalhq.co
Software: nginx/1.21.3 /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.photo.googlecraft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.photo.googlecraft.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 11:05:44 GMT
Server: nginx/1.21.3
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 50ms
26ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 1673045
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 313ad02a214f6bc0a71a4ade9593c82e
cf-ray: 697d751239e0d725-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 33ms
8ms Script
text/javascript 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 30 Sep 2022 17:10:21 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 37ms
14ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 836293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz%2BjI1PX95mDwc8KI2IhIOEFrVducMU8bIz5iJgKBVjvdobAl0LBpcoQ7xsiO9KavxpE8tasIBUYUy6QltK1xTcW2aIYcgjHSElSSDDDucv4%2BAzTA7u7IM3zSl4JwYPGZauTWuEJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 697d75123fbfc2a9-FRA
expires: Thu, 22 Sep 2022 11:05:44 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 43ms
21ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3403863
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0838fea08fb3e365d8cd8f1eca354a8e
cf-ray: 697d751239e1d725-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 764 B
1 KB 72ms
26ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sulphur+Point&display=swap

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

df37cbe4175043d5ab71b5f4877818251326095afb7c383f758f2b92779caab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 11:05:44 GMT
server: ESF
date: Sat, 02 Oct 2021 11:05:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 11:05:44 GMT

GET
H2 200 d708a7ff0e.js Show response
kit.fontawesome.com/ 11 KB
4 KB 59ms
35ms Script
text/javascript 104.18.23.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/d708a7ff0e.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e8548233e53e2d423a823c554d3ae1d8aa243f8444c41586897462fef617d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 697d75123e664eaa-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FqedMPDcQAzCnxABHRui

GET
H2 200 bootbox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootbox.js/4.4.0/ 10 KB
3 KB 40ms
18ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootbox.js/4.4.0/bootbox.min.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e05edee09b002722d47693fb43c49a87ceba8c23a1bfbdb353913c948444478c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 842160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3213
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8d-27d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YulaS5h6M1nKGBFgEsHni2adC9Q3IjayJ8F9HSTrCfHaIcfAA9RgD7xoTIW801%2FgSE4zWTdRXo2lTrtvQyUaJLVj0XYX3YiWLZMLsnmJsPVCqWVb0V4e1Rasks1HCFS8Pc%2Fl05u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 697d75123fc1c2a9-FRA
expires: Thu, 22 Sep 2022 11:05:44 GMT

GET
H/1.1 200
OK scripts1.js Show response
www.photo.googlecraft.com/ 13 KB
13 KB 61ms
40ms Script
application/javascript 158.177.146.243
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.photo.googlecraft.com/scripts1.js
Requested by: Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.177.146.243 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: cloud.digitalhq.co
Software: nginx/1.21.3 /
Resource Hash: d0b3b5e0d8fe80cf15e91dd4bee4c5c88e71469c67cefac35061fd07f315c7b1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.photo.googlecraft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.photo.googlecraft.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 11:05:44 GMT
Last-Modified: Mon, 08 Feb 2021 02:55:52 GMT
Server: nginx/1.21.3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12982
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 32ms
31ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116024013-1

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6ca0f2cc0f291ec4f61d4fb11a3292649a997d0cfa15f1e5171536a63208b017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38903
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 11:05:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 58ms
33ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e11faafce785ce27d576232a8cf2e17d979f19faf40cda6fe641239d33c4647e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50832
x-xss-protection: 0
server: cafe
etag: 11230310692278948709
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 11:05:44 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ 46 KB
12 KB 43ms
22ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 14690456
cdn-cachedat: 2021-04-13 17:41:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 69da3bb8b2a2135280a41c95775f0f11
cf-ray: 697d751239e2d725-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK cropper.min.js Show response
www.photo.googlecraft.com/dist/js/ 33 KB
33 KB 53ms
32ms Script
application/javascript 158.177.146.243
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.photo.googlecraft.com/dist/js/cropper.min.js
Requested by: Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 158.177.146.243 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: cloud.digitalhq.co
Software: nginx/1.21.3 /
Resource Hash: b5791044bb74348590d1c8a34ba5eab39dbbd514e728d02288036b96aa79d5a8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.photo.googlecraft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.photo.googlecraft.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 11:05:44 GMT
Last-Modified: Sun, 07 May 2017 22:23:26 GMT
Server: nginx/1.21.3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33420
Content-Type: application/javascript

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 71ms
23ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=d708a7ff0e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d708a7ff0e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9EfSb7a1mH%2B0jkChKldFOCK31mJwr4rN6YxuhYsfnry0LPIzjeTyX1FgR4t7v%2BHNBl77tC13dhH8ZRqfPj%2FngBqsCVTgJ6wmZptH760coPw%2F4gMsHM7ATz9vl5HMt%2FEfcMHqpg%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 697d7512ec934138-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ajYGmgumVgJ8uQCFDOg7mKv2Xa1H8RToCRMDK96hzHhEC9ZaXvg3Ng==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 82ms
35ms Fetch
text/css 104.21.81.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=d708a7ff0e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d708a7ff0e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtwE%2F2NpVrUH1PGMjdy9aO2uTzE8UlblQTsoV9NL%2FSTS08Dzo5OlTOddN7Qz4Na2Xb1Ir%2FfbC6WzGYd55CMQaMW34EElTJz9jCjOITbEZF08W%2BVOxCOLu0aoTlLZT7qqBYO%2F%2B1OE6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 697d7512ec944138-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Ymt5_c7cks2WaTYiTnKRDnRUSGTYdJud87GF1NT0raCSL7lzQinVYw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
178 B 36ms
13ms Ping
text/plain 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L92J30BQX4&gtm=2oe9r0&_p=48309867&sr=1600x1200&ul=en-us&cid=8158457.1633172744&_s=1&dl=https%3A%2F%2Fwww.photo.googlecraft.com%2F&dt=Resize%20and%20compress%20exam%20photos%2C%20Photo%20resize%20for%20exam%2C%20Photo%20crop%20and%20resize%20for%20exams&sid=1633172744&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L92J30BQX4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f110.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 11:05:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 31ms
30ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116024013-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L92J30BQX4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ac829205e3bd6cbad6b5740ac822e7c557a61507f7efb736af0aa6324711d80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38906
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 11:05:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 10ms
6ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116024013-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1127
date: Sat, 02 Oct 2021 10:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 12:46:57 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 257 KB
95 KB 76ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97122
x-xss-protection: 0
server: cafe
etag: 2748859267989515757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 11:05:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame 0B74 10 KB
5 KB 30ms
7ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210928/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.photo.googlecraft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 01 Oct 2021 23:06:38 GMT
expires: Fri, 15 Oct 2021 23:06:38 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 43146
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 43ms
20ms XHR
text/plain 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=48309867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.photo.googlecraft.com%2F&ul=en-us&de=UTF-8&dt=Resize%20and%20compress%20exam%20photos%2C%20Photo%20resize%20for%20exam%2C%20Photo%20crop%20and%20resize%20for%20exams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1835415906&gjid=120415826&cid=8158457.1633172744&tid=UA-116024013-1&_gid=1180177162.1633172744&_r=1&gtm=2ou9r0&z=1616674357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 11:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
660 B 59ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.photo.googlecraft.com&callback=_gfp_s_&client=ca-pub-3244930404682531

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9e584af44621838b6944b7bf898017ebe6a0a69eed0502bab892900f314911d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.photo.googlecraft.com%2F&tn=NAV&cls=navbar%20navbar-expand-md%20bg-dark%20navbar-dark%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.photo.googlecraft.com
URL: https://www.photo.googlecraft.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 11:05:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 41ms
17ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.photo.googlecraft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 11:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EE8 11 KB
5 KB 457ms
435ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3244930404682531&output=html&adk=1812271804&adf=3025194257&lmt=1613290913&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.photo.googlecraft.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633172744183&bpp=3&bdt=198&idt=118&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3153621164864&frm=20&pv=2&ga_vid=8158457.1633172744&ga_sid=1633172744&ga_hid=48309867&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=1027085340917082&pem=725&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3c08589042a70213cc6c4ed9f3a15ca25b389872ef8ad13ff44879f5e44a3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3244930404682531&output=html&adk=1812271804&adf=3025194257&lmt=1613290913&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.photo.googlecraft.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633172744183&bpp=3&bdt=198&idt=118&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3153621164864&frm=20&pv=2&ga_vid=8158457.1633172744&ga_sid=1633172744&ga_hid=48309867&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=1027085340917082&pem=725&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=154
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.photo.googlecraft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 11:05:44 GMT
server: cafe
content-length: 4633
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 11:20:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 11:05:44 GMT
cache-control: private

GET
H2 200 ca-pub-3244930404682531 Show response
fundingchoicesmessages.google.com/i/ 70 KB
26 KB 66ms
39ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3244930404682531?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

badcc85d6194dec862ef4cb0054ea795aac17113016ad0a03fa12be72ac87f0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v/ZZ6VG8UrI4f4cm8z7Awg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-v/ZZ6VG8UrI4f4cm8z7Awg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-v/ZZ6VG8UrI4f4cm8z7Awg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-v/ZZ6VG8UrI4f4cm8z7Awg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
date: Sat, 02 Oct 2021 11:05:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUncq23OpS98Mec_Lg-Kb5pWKyN4hHV17wfBEjOQ3JDWhX4w9QNwXALkhxsjSga9XZI1jAWagXgphkurXNZ4lQ= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 64ms
29ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUncq23OpS98Mec_Lg-Kb5pWKyN4hHV17wfBEjOQ3JDWhX4w9QNwXALkhxsjSga9XZI1jAWagXgphkurXNZ4lQ=?pvid=01B45705-9A73-4366-93DE-3D6CD579525A&anonid=6B1B689D-5FBE-4EDE-A156-0D1A97394A03

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ADZDrw/HnxeCVAYZyBKvCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ADZDrw/HnxeCVAYZyBKvCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-ADZDrw/HnxeCVAYZyBKvCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ADZDrw/HnxeCVAYZyBKvCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUo7dIM3BokefB5IH6VIWb_afifnQSB5bBGV_TITJKV_hHiAhxZFcsFLIkfbbPEUmiJBirnmlEaQTOsa4uRp8U= Show response
fundingchoicesmessages.google.com/f/ 45 KB
17 KB 67ms
50ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUo7dIM3BokefB5IH6VIWb_afifnQSB5bBGV_TITJKV_hHiAhxZFcsFLIkfbbPEUmiJBirnmlEaQTOsa4uRp8U=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTcyNzQ1LDIyMDAwMDAwXSwiMDFCNDU3MDUtOUE3My00MzY2LTkzREUtM0Q2Q0Q1Nzk1MjVBIiwiNkIxQjY4OUQtNUZCRS00RURFLUExNTYtMEQxQTk3Mzk0QTAzIixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnBob3RvLmdvb2dsZWNyYWZ0LmNvbS8iXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e4a7626e15642b97ca6944d1993dea42b25f31eb37abd499d6fff34ef37b9b74

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1ba+p0HEN8Mr8OpjKwMXYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1ba+p0HEN8Mr8OpjKwMXYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-1ba+p0HEN8Mr8OpjKwMXYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1ba+p0HEN8Mr8OpjKwMXYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX85Jl8zSWSmh4NkvlEeWtqwKerFiQtxHlW612PPPVZ_HYkCo1OU9tg2x1S5AM2A7KIKF50pUR5Ow5w7k6YjFjyE71SYVOwLhtLiDM_npMq2SMkgEvmJExj5zWtQU6tpONBYb3Lt803KbqDOJZp4m_iUGfwF2w4oGu9kHhpDDbvl2F0ectytQdzB-ap Show response
fundingchoicesmessages.google.com/el/ 0
27 B 34ms
34ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX85Jl8zSWSmh4NkvlEeWtqwKerFiQtxHlW612PPPVZ_HYkCo1OU9tg2x1S5AM2A7KIKF50pUR5Ow5w7k6YjFjyE71SYVOwLhtLiDM_npMq2SMkgEvmJExj5zWtQU6tpONBYb3Lt803KbqDOJZp4m_iUGfwF2w4oGu9kHhpDDbvl2F0ectytQdzB-ap

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.0mfu9cp-Zu0.es5.O/d=1/rs=AJlcJMw-Kuh49tbPL5ptnXrMGOFpqpFgLQ/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CUnnBJNdmKQDc5Kkd5+AHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CUnnBJNdmKQDc5Kkd5+AHA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-CUnnBJNdmKQDc5Kkd5+AHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CUnnBJNdmKQDc5Kkd5+AHA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RyZXClvbZ+W+sPEvkUmOOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-RyZXClvbZ+W+sPEvkUmOOQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-RyZXClvbZ+W+sPEvkUmOOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-RyZXClvbZ+W+sPEvkUmOOQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWyqwEQA-ffj-pN0uX-gQMhiGXGxZZH1D7qb8PnUUYhh7QKyM_Exjg_xBLIqE4Zu8AarFtHaW-WvfZ7Fj1N2EdrXYHPpLs1yINgVGRdRYjAXoz-SsYXP9_qF3zBybnRolxFq5o7ejVqWQ2zk_Col7MAlLoD2oTOdSruog53tDHeifRtzogUm9iupnB1 Show response
fundingchoicesmessages.google.com/f/ 82 KB
30 KB 56ms
55ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWyqwEQA-ffj-pN0uX-gQMhiGXGxZZH1D7qb8PnUUYhh7QKyM_Exjg_xBLIqE4Zu8AarFtHaW-WvfZ7Fj1N2EdrXYHPpLs1yINgVGRdRYjAXoz-SsYXP9_qF3zBybnRolxFq5o7ejVqWQ2zk_Col7MAlLoD2oTOdSruog53tDHeifRtzogUm9iupnB1?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTcyNzQ1LDEyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cucGhvdG8uZ29vZ2xlY3JhZnQuY29tLyJd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

d28b57c3928900cf9ade6ecb8943c5a0fd3a24da847c1ae08e6aa3e6bef48b32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4BXoOAdYTrOejig9b6eJdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4BXoOAdYTrOejig9b6eJdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-4BXoOAdYTrOejig9b6eJdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4BXoOAdYTrOejig9b6eJdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 49ms
26ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7f92fadce0f3a643adef49fe8db810197c880a6055f86bd67b8205b911d9168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8439
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
16ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 02 Oct 2021 11:05:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9718 12 KB
5 KB 23ms
7ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.photo.googlecraft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 02 Oct 2021 09:33:49 GMT
expires: Sun, 02 Oct 2022 09:33:49 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4541 783 B
1 KB 39ms
17ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

3582a273642060137227efc37c78dd42a61eff673478b9e394fa5d832d430cb9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eBtT2iJKl4VJSDTLyxdLDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.photo.googlecraft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 02 Oct 2021 11:05:45 GMT
date: Sat, 02 Oct 2021 11:05:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eBtT2iJKl4VJSDTLyxdLDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9718 35 KB
13 KB 14ms
13ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 22:46:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 22:46:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4541 0
0 54ms
53ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=1027085340917082&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=1027085340917082&bg=!ICOlI2fNAAZE-GIIRPg7ACkAdvg8WnB6q7a2vYI2d3hs1WjzGggPWyK8ZubQCm4kPrbfDbtwrldzowIAAAB-UgAAAA1oAQeZAsJS4H3DSnnujC-96P-gGDGqBpRhHItCmoA6iYh-D2MfjbPgAPKvLsq32nB-dwyq3q_ysy9f6-MdrvwdV9NgzHcsDppIS6BwR5CdzsLdH_1P9dZh5BqXaEALb9YwlQNSqWxB7pn0IxqhqC5O77syjoMJz-dGyhrRFiZbwGNC81besGENqaKAqaeabMKjOFcgOIKtXFvhZJLWcJPO0uLcSpOHCI6Jx-rMoy4lix250Ga0VhkXSkq5x7b2OpkEhjQ83CLH4h0VA2JzDwCyQdujlgwoD2knGGZ2sYcGXXmkebC2IiSCn3-OFsaxh05__v6YEVQLS10pDeP7kPHAXRQALtBY0yReb_D6WW-cY5c3VdUVBd_Wvj2hpA1-_LxrR1Gjx3PP9b7ZFep_FudOSlxu_lCPb08pYOgV5c_9tZtOHJWQlpbjfj5fZQOyLFd0tL2Q9UO6JgZHG3Z7TRngDwXBi2-s8kQlnvqyCWxb1LJdAtLHB0cxxQEQIfHXVWVacoyLnwg-AT6Ws3MCnlte0fJZHTcvW2mL0RhC3R7fH7rQ82QWbfNbQ7bjxYk22_LSDgVUx-WNj7fLxJIxOmw1dlCQmdASi13HAljHtynOX6zDxObyNs2Qshn0fNl3Y74XLhDcOkQpWDsgbE8j2a2ZWqQzEr4t8RInRdPJG0nxUgkyZf6xhSkTrXi_2tuYRIl40eZrPM4AbITDLoOmwUhC-z-nIoHd2HBuVm7BX_fyt6R1hT90iOd2_ai-X2OH6FsZWaPBHYDufkrR73fD_iJ0BGnb5eltcrPuMdEmx7QkhrkCYioynLT2LXHpL2Vvk7GaUQi38vJKgdAYpeK2KzKZGUl3SQwW4LdQAkhZN-GC265crp1vt7f4Bu1gFIQLCYHmX5qblXV2U6v4z5SjCeaOzuSvDnhqLRLZzEOxvgQ5chtIilGOD-87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 siframead.-ads-180x-panel-ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxWgF9LxrsmyS34ZJj_sO6f2L-GWaE6jlbQ3gGKD2xPTBn8PwKqhXqPAFLL35CC8hA9Zr_g4503Kb1mbZA_Hn_w5PXAu4Z3w22GY2jfwwuvYChvw5j3iyvWy7unAOoVN8cI5hocAABW7euy5yh-X0gsp-5Ue-... 54 B
107 B 29ms
28ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWgF9LxrsmyS34ZJj_sO6f2L-GWaE6jlbQ3gGKD2xPTBn8PwKqhXqPAFLL35CC8hA9Zr_g4503Kb1mbZA_Hn_w5PXAu4Z3w22GY2jfwwuvYChvw5j3iyvWy7unAOoVN8cI5hocAABW7euy5yh-X0gsp-5Ue-kH1olNhetwb0WPxTmpFJqNRcP0-s9fL_jeh44Hb1xC8b_Tg5P290BR9yntp6I34hTbd8BfLNrQQ35EPqKQ=/_/css/ads-/featuredadshome./siframead.-ads-180x-panel-ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

4535524bf568ff3da9b51da8ad86d17f77c243cf937c3b6d32d29f016d7a8fd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dlAD35J4eZvOf4T74bACug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dlAD35J4eZvOf4T74bACug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-dlAD35J4eZvOf4T74bACug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dlAD35J4eZvOf4T74bACug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 72 KB
27 KB 16ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7df5bfa5d5e4983a01f28ead367dc53bb210a3bcc5c429b9500c46735fce1f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 10:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27493
x-xss-protection: 0
server: cafe
etag: 10434112897152555274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 11:11:35 GMT

POST
H3 204 AGSKWxXR0CScPLiqQEL-B6t-KmctWF45p7KvHqdvI1w-stTX4Esch1WLQ2hZvY0AIl3iyaKRWoPt4QuQKIgL8TB48MRWlgWMj17QozPNfHDJFwOtzgL82Z43-RHIwfNbMG0RpaBc6kDHUZazdLX3XDgvMRkWYL8bgeLvqp8rVuTnn9w-NDS0AJWz2jnJ9duT Show response
fundingchoicesmessages.google.com/el/ 0
26 B 34ms
33ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXR0CScPLiqQEL-B6t-KmctWF45p7KvHqdvI1w-stTX4Esch1WLQ2hZvY0AIl3iyaKRWoPt4QuQKIgL8TB48MRWlgWMj17QozPNfHDJFwOtzgL82Z43-RHIwfNbMG0RpaBc6kDHUZazdLX3XDgvMRkWYL8bgeLvqp8rVuTnn9w-NDS0AJWz2jnJ9duT

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bUundVbjq5w6eVri5PS6eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bUundVbjq5w6eVri5PS6eg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-bUundVbjq5w6eVri5PS6eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bUundVbjq5w6eVri5PS6eg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W4io2mEf0Qnsn68N3eYjow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-W4io2mEf0Qnsn68N3eYjow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-W4io2mEf0Qnsn68N3eYjow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-W4io2mEf0Qnsn68N3eYjow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AAaHbgUG7j8reOii0/gg/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-AAaHbgUG7j8reOii0/gg/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-AAaHbgUG7j8reOii0/gg/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-AAaHbgUG7j8reOii0/gg/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXVExTO7H5yf3pNTj77pGLcm22KE3QxOi0xtBj87CD2Jha9y4H_G_7V4cLI8heyfQv6hb5i7lqXBW5Jw0dovb7JiUnWmxJDvKtvdAXK2q2MRB0ouv0Bbh-DPUTIIIBaNJ0XLdO7wla5lWJKkF2muEt-wtIppEMOavU8k9DN2w4N9kXStlq7z4LhNSlP Show response
fundingchoicesmessages.google.com/f/ 44 KB
16 KB 40ms
39ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXVExTO7H5yf3pNTj77pGLcm22KE3QxOi0xtBj87CD2Jha9y4H_G_7V4cLI8heyfQv6hb5i7lqXBW5Jw0dovb7JiUnWmxJDvKtvdAXK2q2MRB0ouv0Bbh-DPUTIIIBaNJ0XLdO7wla5lWJKkF2muEt-wtIppEMOavU8k9DN2w4N9kXStlq7z4LhNSlP?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTcyNzQ1LDkwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsMTAsNl1dLCJodHRwczovL3d3dy5waG90by5nb29nbGVjcmFmdC5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

bb406b6ed153380d9ff916b2c4b36124e585c95941c85d7affb732027d3eebe6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yKCXWH/GzQiBvGQLP4A0Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-yKCXWH/GzQiBvGQLP4A0Jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.photo.googlecraft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 11:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-yKCXWH/GzQiBvGQLP4A0Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-yKCXWH/GzQiBvGQLP4A0Jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cz0LYwwNRfKabVHeDRWW9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Cz0LYwwNRfKabVHeDRWW9Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Cz0LYwwNRfKabVHeDRWW9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Cz0LYwwNRfKabVHeDRWW9Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXizUQt3c1lp9Xrxj0tib39gencUgHb5aWcyRxycc-8oa9msntrkdHkeUM_aehzjIfwk3l6qOr6Fkoo7syxD80jtGGdRNHTAJlhgEYGq7lIvSiZ3Zk6Lc_iGDzB4qZIkePA_p-xD9Ur7feJ-hE1mlAq-Cdr2Y9wLk90sDb0mn0iU1d79wi2ZmCNL8H0 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 35ms
35ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXizUQt3c1lp9Xrxj0tib39gencUgHb5aWcyRxycc-8oa9msntrkdHkeUM_aehzjIfwk3l6qOr6Fkoo7syxD80jtGGdRNHTAJlhgEYGq7lIvSiZ3Zk6Lc_iGDzB4qZIkePA_p-xD9Ur7feJ-hE1mlAq-Cdr2Y9wLk90sDb0mn0iU1d79wi2ZmCNL8H0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.Isp_WzBNmgo.es5.O/d=1/rs=AJlcJMw4vqQI_eYyP64ZIR4dyw7gSCbTtg/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2TGb5xvDGncjH8dOWR2zVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2TGb5xvDGncjH8dOWR2zVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:45 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-2TGb5xvDGncjH8dOWR2zVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2TGb5xvDGncjH8dOWR2zVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zuBINBGeSg+KWr3eAvXYAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zuBINBGeSg+KWr3eAvXYAA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.photo.googlecraft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Oct 2021 11:05:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.photo.googlecraft.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-zuBINBGeSg+KWr3eAvXYAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zuBINBGeSg+KWr3eAvXYAA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.googlecraft.com/	1970-01-20 15:10:44	Name: _ga Value: GA1.2.8158457.1633172744
.googlecraft.com/	1970-01-19 21:40:59	Name: _gid Value: GA1.2.1180177162.1633172744
.googlecraft.com/	1970-01-19 21:39:32	Name: _gat_gtag_UA_116024013_1 Value: 1
.googlecraft.com/	1970-01-20 07:01:08	Name: __gads Value: ID=141ad7f29ddda161-22979830e3ca0008:T=1633172744:RT=1633172744:S=ALNI_Ma2t-eIb5ht34mmn0H7saTy8ONVBQ
.doubleclick.net/	1970-01-19 21:39:33	Name: test_cookie Value: CheckForPermission
.googlecraft.com/	1970-01-20 15:10:44	Name: _ga_L92J30BQX4 Value: GS1.1.1633172744.1.0.1633172745.0
.googlecraft.com/	1970-01-20 07:01:08	Name: FCCDCF Value: [["AKsRol9a0oEIMqwtoAxtemjw7qpLtc-fp6ZKfttSKoWeYmrtXsg9YjtTOClUJRgNMIjAWl0KsSquThDX9wZBDBfH08taoqyfCsPGfvqvN6LWDBpom1Y4RWlgG7cNzVX5tMhTw77Kj5kBymtJsNNjxkJGRstfFvIg_A=="],null,["[[],[],[],[],null,null,true]",1633172744986],null,null]
.googlecraft.com/	1970-01-20 06:25:08	Name: FCNEC Value: [["AKsRol9a0oEIMqwtoAxtemjw7qpLtc-fp6ZKfttSKoWeYmrtXsg9YjtTOClUJRgNMIjAWl0KsSquThDX9wZBDBfH08taoqyfCsPGfvqvN6LWDBpom1Y4RWlgG7cNzVX5tMhTw77Kj5kBymtJsNNjxkJGRstfFvIg_A=="]]

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.photo.googlecraft.com/css/animate.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.photo.googlecraft.com
104.16.18.94
104.18.11.207
104.18.23.52
104.21.81.131
142.250.181.226
142.250.181.232
142.250.184.202
142.250.185.226
142.250.185.98
142.250.186.100
142.250.186.65
158.177.146.243
172.217.16.138
172.217.18.110
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0e8548233e53e2d423a823c554d3ae1d8aa243f8444c41586897462fef617d24
31fae5a74dc5affbf61f31741d6ab098121c21e1fefb07e95dd742861861e53f
3582a273642060137227efc37c78dd42a61eff673478b9e394fa5d832d430cb9
4535524bf568ff3da9b51da8ad86d17f77c243cf937c3b6d32d29f016d7a8fd5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca0f2cc0f291ec4f61d4fb11a3292649a997d0cfa15f1e5171536a63208b017
6d14545f299db3481e2ebd79027b8c009b048ac7c9ad7911fe87b97d2f910008
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7df5bfa5d5e4983a01f28ead367dc53bb210a3bcc5c429b9500c46735fce1f2d
7f92fadce0f3a643adef49fe8db810197c880a6055f86bd67b8205b911d9168f
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209
9e584af44621838b6944b7bf898017ebe6a0a69eed0502bab892900f314911d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac829205e3bd6cbad6b5740ac822e7c557a61507f7efb736af0aa6324711d80e
b5791044bb74348590d1c8a34ba5eab39dbbd514e728d02288036b96aa79d5a8
badcc85d6194dec862ef4cb0054ea795aac17113016ad0a03fa12be72ac87f0d
bb406b6ed153380d9ff916b2c4b36124e585c95941c85d7affb732027d3eebe6
d0b3b5e0d8fe80cf15e91dd4bee4c5c88e71469c67cefac35061fd07f315c7b1
d28b57c3928900cf9ade6ecb8943c5a0fd3a24da847c1ae08e6aa3e6bef48b32
da926f4bf5ae76a65d95a0d180bf9f7103d605a9abe0e0fd9130ce1708db79ca
df37cbe4175043d5ab71b5f4877818251326095afb7c383f758f2b92779caab0
e05edee09b002722d47693fb43c49a87ceba8c23a1bfbdb353913c948444478c
e11faafce785ce27d576232a8cf2e17d979f19faf40cda6fe641239d33c4647e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c08589042a70213cc6c4ed9f3a15ca25b389872ef8ad13ff44879f5e44a3b3
e4a7626e15642b97ca6944d1993dea42b25f31eb37abd499d6fff34ef37b9b74
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.photo.googlecraft.com Open in urlscan Pro 158.177.146.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

0 %IPv6

11 Domains

16 Subdomains

14 IPs

2 Countries

631 kBTransfer

1704 kBSize

8 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.photo.googlecraft.com Open in urlscan Pro
158.177.146.243 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

14
IPs

2
Countries

631 kB
Transfer

1704 kB
Size

8
Cookies

50 HTTP transactions
0 data transactions