skitterphoto.com Open in urlscan Pro
178.162.201.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://skitterphoto.com/photographers/83719/tktxusa1
Submission: On February 03 via manual (February 3rd 2024, 11:25:06 am UTC) from VN — Scanned from CH

Summary HTTP 86 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 86 HTTP transactions. The main IP is 178.162.201.225, located in Berlin, Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is skitterphoto.com.
TLS certificate: Issued by R3 on January 21st 2024. Valid for: 3 months.

This is the only time skitterphoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	178.162.201.225 178.162.201.225	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1 5	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
86	23

6 178.162.201.225 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: opal11.opalstack.com

skitterphoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.48.214 (Krefeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	445 KB
14	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	72 KB
12	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	98 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal900013.redintelligence.net — Cisco Umbrella Rank: 207121	10 KB
6	skitterphoto.com skitterphoto.com	107 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
5	gstatic.com www.gstatic.com	75 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	33 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 29645	515 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 70174	24 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	84 KB
86	14

	Domain	Requested by
18	pagead2.googlesyndication.com	skitterphoto.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net skitterphoto.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com skitterphoto.com
6	skitterphoto.com	skitterphoto.com
5	hal900013.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900013.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	skitterphoto.com googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.ch	skitterphoto.com
2	www.google.com	skitterphoto.com tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	skitterphoto.com connect.facebook.net
2	www.google-analytics.com	skitterphoto.com www.google-analytics.com
1	cdn.contentspread.net	hal900013.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	ajax.googleapis.com	skitterphoto.com
86	22

This site contains links to these domains. Also see Links.

Domain
tktxusa.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
skitterphoto.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-12` - `2024-02-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
contentspread.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://skitterphoto.com/photographers/83719/tktxusa1
Frame ID: 7ADD0E83FAA0F81308F273252A651478
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Frame ID: E477F39AE9C83DC589A2EF6AB0DC180A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9805514773957839&output=html&adk=1812271804&adf=3025194257&lmt=1706959502&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fskitterphoto.com%2Fphotographers%2F83719%2Ftktxusa1&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706959502742&bpp=4&bdt=165&idt=189&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=416414541712&frm=20&pv=2&ga_vid=184799987.1706959503&ga_sid=1706959503&ga_hid=189363531&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080836%2C95322195%2C95320868%2C95321867%2C95324155%2C95324160&oid=2&pvsid=31040375612043&tmod=1167689565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: BFDE50258692829344C6308C60B782F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2B33939BDBCFFC2F8C949E7FBE816FF1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A3BBA64A72C0D1C0EF468E412C2E8127
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B34CBE14B49844C6B8DF6C2872F3A24
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16F43C61D12C756720F2CB4502ABD390
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXx2a3GcPJitUUaUQJfpcIMGIBSyYCgVaaMyb2Mvi8TKPIsjLYnEnFn_vp-4urvhXpX2Kh7CQxMWJo8aadSULx7rea7pg
Frame ID: 381B8E1B9496CAC4F22AB63CC635F33B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 115F697C7454CC51BBEE91CCBDB3F3D6
Requests: 15 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Frame ID: 65D6FB353205555879B8A641251EAEE6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4306C91451ACE9289370C3A6EDABDC18
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 7B14BB16300C8901D68D36D4B850836A
Requests: 1 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
Frame ID: 9D119ED12D0350D464CCA472538851F5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'tktxusa1' on skitterphoto

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

97 %
HTTPS

68 %
IPv6

14
Domains

22
Subdomains

23
IPs

4
Countries

1185 kB
Transfer

3210 kB
Size

16
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://tktxusa.com/
Title: https://tktxusa.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/tktxusa1
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tktxusa
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1&C=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb4ikJUfAYGDo5tyw3-8wgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1

Request Chain 67

https://hal900013.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf_4kjyK-ZdnEAvmQtOUPjbye8AuRwdCbaYP1g5LcD_AuEAEgr7DrJGD1hYCAzATIAQmpAkTCD6pwGbI-qAMByAObBKoEmgJP0NlnBe8Teix4McyQpt8re_jFsfut8nMx7bh8iG1iNK9yhabuwVLvwooZIryq90cxTb6iagLjBDVIYE66gXvWLwP3eiiJFpCL7jDgvafVtt7bdA8dOaIlmUvbS3Gcde4fWHluOfy0lr1W5oR3igC0Rq12g5NoevS5h-P1lfVf1doEvFO0HjZZ_xk87B7ZKH62QJAQ9-BEVP-0ldyhIFp2IrqhQGOiUlalrTtq6QPQm9dJpYfef6JmqbpP8az0eal2sdOdaby2UDsglxE8vatPF6ixI2xsJTahdgwKoUkwYuUXT1md_1hVhiQy6LFySxHiutYHFPqQwoXjV_xVeBhuuPMDqKxSCLbhwuwcnsV85uuyZnnyd-MNtZvABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1tXH1oePhAOACgGYCwHICwGADAGqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB%26sig%3DAOD64_2CaegZtPtmCbPojNPHRPcXs2LOgQ%26client%3Dca-pub-9805514773957839%26dbm_c%3DAKAmf-COxHXEEoa6RhzUPfYNyMHAWok8F_Eh9efdogd9a6vHYcI9wFMdHh2d5VYfmSK2Ln-BxTi6VqMR1JyKeV05Mq3pdPxTlS-ft-bDuvixhf93JwBoO0AQNjsiumsBLcRXdDlN_QG0Zdr0mb5dY8G85WzORDFc0ZeQORMQYDDIr5aTZhkKroA%26cry%3D1%26dbm_d%3DAKAmf-CuaSaE1kolfz-5pY_oxGKT5Hxdugs4Oo-CsBlYEOSR0WSWLIfBefP7jK9S6kRThVSQvL2LOuyFBPZUfDyKGxdY58idqan5wR2VQE6XbO1gkCjDJ_mad9EFKoz4skcMbEypJuCAiIPpNLnL2yF5zWGB8QfaQ_RtBfCK82prajNjzET3EaAREAl7wRIiMSix3np4I3Fb-mPRFNiLF6PXDaT__VChKPMyspS5RKW2uYa9Ot6M3n3CmBQKjVfcElUpxSz3KIxAIrRfKYXKQ-PsSTOAa_VK_nh4guGzKXiZiZVyO2kVNkdpqsWA7C9nmlAgbhFkf9A4CfOh5deR7wNFE4W0agzQMiOU74y42kVu3KumhzTAZ3P2pIsxY0TWIoCwZOQgPWB2QkaZPJ2hKPktb4Od8KNv9imWBKApb_2F_Utua_0Y88qkAuY719P8Fyvvf65ncpV8qtVUXv8wN2PMCgujdcx1q13Wep_VsGt_MV5cF45bVmlkSAYf5W4LpavmG11sKKD8NPV7kiEDKFi7t_sU35atG7Oy2R77gvAK_LkGCHfGzqviF0QtGNcoudq7azmvZDTJpGgrtf5midOoBXV-olZT72qgn4yoYcjddUxOmzC0ffg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240131%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9805514773957839%26fa%3D1%26ifi%3D3%26uci%3Da!3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fskitterphoto.com&random=6878160278562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900013.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf_4kjyK-ZdnEAvmQtOUPjbye8AuRwdCbaYP1g5LcD_AuEAEgr7DrJGD1hYCAzATIAQmpAkTCD6pwGbI-qAMByAObBKoEmgJP0NlnBe8Teix4McyQpt8re_jFsfut8nMx7bh8iG1iNK9yhabuwVLvwooZIryq90cxTb6iagLjBDVIYE66gXvWLwP3eiiJFpCL7jDgvafVtt7bdA8dOaIlmUvbS3Gcde4fWHluOfy0lr1W5oR3igC0Rq12g5NoevS5h-P1lfVf1doEvFO0HjZZ_xk87B7ZKH62QJAQ9-BEVP-0ldyhIFp2IrqhQGOiUlalrTtq6QPQm9dJpYfef6JmqbpP8az0eal2sdOdaby2UDsglxE8vatPF6ixI2xsJTahdgwKoUkwYuUXT1md_1hVhiQy6LFySxHiutYHFPqQwoXjV_xVeBhuuPMDqKxSCLbhwuwcnsV85uuyZnnyd-MNtZvABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1tXH1oePhAOACgGYCwHICwGADAGqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB%26sig%3DAOD64_2CaegZtPtmCbPojNPHRPcXs2LOgQ%26client%3Dca-pub-9805514773957839%26dbm_c%3DAKAmf-COxHXEEoa6RhzUPfYNyMHAWok8F_Eh9efdogd9a6vHYcI9wFMdHh2d5VYfmSK2Ln-BxTi6VqMR1JyKeV05Mq3pdPxTlS-ft-bDuvixhf93JwBoO0AQNjsiumsBLcRXdDlN_QG0Zdr0mb5dY8G85WzORDFc0ZeQORMQYDDIr5aTZhkKroA%26cry%3D1%26dbm_d%3DAKAmf-CuaSaE1kolfz-5pY_oxGKT5Hxdugs4Oo-CsBlYEOSR0WSWLIfBefP7jK9S6kRThVSQvL2LOuyFBPZUfDyKGxdY58idqan5wR2VQE6XbO1gkCjDJ_mad9EFKoz4skcMbEypJuCAiIPpNLnL2yF5zWGB8QfaQ_RtBfCK82prajNjzET3EaAREAl7wRIiMSix3np4I3Fb-mPRFNiLF6PXDaT__VChKPMyspS5RKW2uYa9Ot6M3n3CmBQKjVfcElUpxSz3KIxAIrRfKYXKQ-PsSTOAa_VK_nh4guGzKXiZiZVyO2kVNkdpqsWA7C9nmlAgbhFkf9A4CfOh5deR7wNFE4W0agzQMiOU74y42kVu3KumhzTAZ3P2pIsxY0TWIoCwZOQgPWB2QkaZPJ2hKPktb4Od8KNv9imWBKApb_2F_Utua_0Y88qkAuY719P8Fyvvf65ncpV8qtVUXv8wN2PMCgujdcx1q13Wep_VsGt_MV5cF45bVmlkSAYf5W4LpavmG11sKKD8NPV7kiEDKFi7t_sU35atG7Oy2R77gvAK_LkGCHfGzqviF0QtGNcoudq7azmvZDTJpGgrtf5midOoBXV-olZT72qgn4yoYcjddUxOmzC0ffg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240131%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9805514773957839%26fa%3D1%26ifi%3D3%26uci%3Da!3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fskitterphoto.com&random=6878160278562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tktxusa1 Show response
skitterphoto.com/photographers/83719/ 25 KB
26 KB 185ms
108ms Document
text/html 178.162.201.225
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://skitterphoto.com/photographers/83719/tktxusa1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.201.225 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: opal11.opalstack.com
Software: nginx /
Resource Hash: d4da7d4a3769315bf878ccfd8ec32593cd3dad0b0d030ac1fbac33355b8b698c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sat, 03 Feb 2024 11:25:02 GMT
etag: "012afc9df10058f445680a7374119291"
server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca72c36303fb46cb36a1d5a28d3d0c5c9629685c57f3fde47cb853561dd0a6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51342
x-xss-protection: 0
server: cafe
etag: 16865741378926025085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 03 Feb 2024 11:25:02 GMT

GET
H2 200 skitterphoto.css
skitterphoto.com/css/ 15 KB
15 KB 32ms
32ms Stylesheet
text/css 178.162.201.225
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://skitterphoto.com/css/skitterphoto.css?1490023633
Requested by: Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.201.225 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: opal11.opalstack.com
Software: nginx /
Resource Hash: 89c491423c07c10b468fe83f2aae3295f958d46fc4a6a09c5efc559f8fe03827

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/photographers/83719/tktxusa1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
last-modified: Mon, 20 Mar 2017 15:27:13 GMT
server: nginx
accept-ranges: bytes
etag: "3a21-54b2b296917b4"
content-length: 14881
content-type: text/css

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Feb 2024 09:30:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6859
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 03 Feb 2024 11:30:43 GMT

GET
H2 200 load-scripts.min.js Show response
skitterphoto.com/js/ 5 KB
5 KB 32ms
32ms Script
application/javascript 178.162.201.225
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://skitterphoto.com/js/load-scripts.min.js?1483906373
Requested by: Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.201.225 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: opal11.opalstack.com
Software: nginx /
Resource Hash: 3011e6d33e9ec97fa9fb3252bebc4d023c25a9efb8448dbefcf623fbf3cc6432

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/photographers/83719/tktxusa1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
last-modified: Sun, 08 Jan 2017 20:12:53 GMT
server: nginx
accept-ranges: bytes
etag: "1469-5459ae03ea379"
content-length: 5225
content-type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 98ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae775e8a264a0664ad0933c609f5597933fe3d9121bbfd68f88aa7115c58f108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Feb 2024 11:25:02 GMT
content-md5: VKEm8FpFWE6WgIl0kJKoVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: 6yoCaAUP+8Hp79Xs1nV+/BAJg4CLGn3nUz1lj4mi2qyV7PxzEexb4w446ZCJiVtoBx+D/f7z5Y5thoX1UrLnRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6dafc02c95d8101002361b95f4dfd094
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "5d737099862c05090cf852495492f050"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 03 Feb 2024 11:43:25 GMT

GET
H2 200 opensans-regular-webfont.woff2
skitterphoto.com/fonts/ 18 KB
18 KB 32ms
32ms Font
application/octet-stream 178.162.201.225
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://skitterphoto.com/fonts/opensans-regular-webfont.woff2
Requested by: Host: skitterphoto.com
URL: https://skitterphoto.com/css/skitterphoto.css?1490023633
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.201.225 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: opal11.opalstack.com
Software: nginx /
Resource Hash: 374f7e6606005eefafa3769082a2dd351474f9d9ac6dad6bca7fa43fdb0a9cd2

Request headers

Referer: https://skitterphoto.com/css/skitterphoto.css?1490023633
Origin: https://skitterphoto.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
last-modified: Sat, 26 Nov 2016 08:00:29 GMT
server: nginx
accept-ranges: bytes
etag: "4920-5422fa1da500f"
content-length: 18720

GET
H2 200 ubuntu-regular-webfont.woff2
skitterphoto.com/fonts/ 29 KB
29 KB 56ms
56ms Font
application/octet-stream 178.162.201.225
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://skitterphoto.com/fonts/ubuntu-regular-webfont.woff2
Requested by: Host: skitterphoto.com
URL: https://skitterphoto.com/css/skitterphoto.css?1490023633
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.201.225 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: opal11.opalstack.com
Software: nginx /
Resource Hash: 898229cca3393fd5b1a0679f3a9e8d580ffb412be1a589b3a2a3a473d2a2f3ce

Request headers

Referer: https://skitterphoto.com/css/skitterphoto.css?1490023633
Origin: https://skitterphoto.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
last-modified: Sat, 26 Nov 2016 08:00:30 GMT
server: nginx
accept-ranges: bytes
etag: "7540-5422fa1dcccc8"
content-length: 30016

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/js/load-scripts.min.js?1483906373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 10:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Feb 2025 10:35:26 GMT

GET
H2 200 skitterphoto.min.js Show response
skitterphoto.com/js/ 13 KB
14 KB 33ms
32ms Script
application/javascript 178.162.201.225
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://skitterphoto.com/js/skitterphoto.min.js?1483906373
Requested by: Host: skitterphoto.com
URL: https://skitterphoto.com/js/load-scripts.min.js?1483906373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.201.225 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: opal11.opalstack.com
Software: nginx /
Resource Hash: 368f3b9477efb952f5f8c6fb6124dbfff4954531fade6b4f187996ea73516924

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/photographers/83719/tktxusa1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
last-modified: Sun, 08 Jan 2017 20:12:53 GMT
server: nginx
accept-ranges: bytes
etag: "3565-5459ae0431feb"
content-length: 13669
content-type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 28ms
27ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=189363531&t=pageview&_s=1&dl=https%3A%2F%2Fskitterphoto.com%2Fphotographers%2F83719%2Ftktxusa1&ul=en-us&de=UTF-8&dt=%27tktxusa1%27%20on%20skitterphoto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=97683806&gjid=103101201&cid=184799987.1706959503&tid=UA-49878049-1&_gid=621183173.1706959503&_r=1&_slc=1&z=1059279284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

95f9b4430fcc285f17833c44c253e93ef936430c040033ebae69a93484c0b95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skitterphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 49ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5fb249ee47ece918de4deb9d461b1144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bac26152f0bf917f3429ac97ff46cfe9c55b15751a99a348bac4d4839273ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://skitterphoto.com/
Origin: https://skitterphoto.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Feb 2024 11:25:02 GMT
content-md5: hwCvbUc1Ca7MvGiU/54YFA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87007
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: GVkhBCcnw/VfcyzPX10zyPUmVpPeZDa/JvzbQEqqW1oBKpBBkMKxvheeeJuPBisAd6miPDOl7zB/KgCGDL6rdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 523562b2fda9d828b25f142cd0e51ba2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "bcf53709e82e8e7a7c46b7544b1784c9"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 02 Feb 2025 10:01:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 83ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49878049-1&cid=184799987.1706959503&jid=97683806&gjid=103101201&_gid=621183173.1706959503&_u=IEBAAAAAAAAAACAAI~&z=1615235015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Feb 2024 11:25:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skitterphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
84 KB 97ms
48ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-619P63YNGX&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e812d3de1343df34a9360657f48b80936b2351bd0b86e7431f23673132e284e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Feb 2024 11:25:02 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 406 KB
138 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ef683b501cbf37603edc414dc96c3668b57aaf93203995bfa943f1676ee72f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140917
x-xss-protection: 0
server: cafe
etag: 4045269680479107570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 11:25:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame E477 9 KB
5 KB 69ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 69620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 16:04:42 GMT
etag: 3890843268177463596
expires: Fri, 16 Feb 2024 16:04:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 97ms
47ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49878049-1&cid=184799987.1706959503&jid=97683806&_u=IEBAAAAAAAAAACAAI~&z=30833871

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 94ms
46ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49878049-1&cid=184799987.1706959503&jid=97683806&_u=IEBAAAAAAAAAACAAI~&z=30833871

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 91ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-619P63YNGX&_ono=1&gtm=45je41v0v9135197553za200&_p=1706959502729&_gaz=1&gcd=11l1l1l1l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=184799987.1706959503&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fskitterphoto.com%2Fphotographers%2F83719%2Ftktxusa1&dt=%27tktxusa1%27%20on%20skitterphoto&sid=1706959502&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=501
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-619P63YNGX&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skitterphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 28ms
28ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-619P63YNGX&cid=184799987.1706959503&gtm=45je41v0v9135197553za200&aip=1&dma=0&gcd=11l1l1l1l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-619P63YNGX&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skitterphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
107 B 50ms
49ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-619P63YNGX&cid=184799987.1706959503&gtm=45je41v0v9135197553za200&aip=1&dma=0&gcd=11l1l1l1l2&npa=0&z=840349933

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFDE 276 KB
70 KB 561ms
560ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9805514773957839&output=html&adk=1812271804&adf=3025194257&lmt=1706959502&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fskitterphoto.com%2Fphotographers%2F83719%2Ftktxusa1&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706959502742&bpp=4&bdt=165&idt=189&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=416414541712&frm=20&pv=2&ga_vid=184799987.1706959503&ga_sid=1706959503&ga_hid=189363531&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080836%2C95322195%2C95320868%2C95321867%2C95324155%2C95324160&oid=2&pvsid=31040375612043&tmod=1167689565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=198

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75c1e220bdd4b0c138d089de77a6de9711bcf1b46fc20d18664fccffba224c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 70978
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Feb 2024 11:25:03 GMT
expires: Sat, 03 Feb 2024 11:25:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 132ms
131ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=SECTION&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 114ms
67ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca3cb0008adeec663ab595b358d327b6aa551553aab37a51c66baac199a4b47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12028
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 165 KB
56 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/reactive_library_fy2021.js?bust=31080836

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e154d246cbf24001ca0d0b4975e6d2b557b2f574083db23a5bed206e7f490097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57024
x-xss-protection: 0
server: cafe
etag: 7441129772029216285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 11:25:03 GMT

GET
H2 200 ca-pub-9805514773957839 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 128ms
70ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9805514773957839?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1018eed8f6d7532cfa8954d5887e7a28cb5fdd201b84b2475b26f5c3891bde8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jzDQHLq-cAl-0Un3GzwW2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-jzDQHLq-cAl-0Un3GzwW2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZBL6-ZJIAYi0gfif5iukbEO_w8WB5Ez6dlS9iOitbBZAG4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCwsd55VGoiFeDj6j_5YyyZw4tfmXUwASmlcXw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 101ms
51ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:25:03 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame 2B33 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 61266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 18:23:57 GMT
etag: 3890843268177463596
expires: Fri, 16 Feb 2024 18:23:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame A3BB 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js?bust=31080836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 61267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 18:23:57 GMT
etag: 3890843268177463596
expires: Fri, 16 Feb 2024 18:23:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXxnpxXyvfn2Qg1bDCPqjYmgpMmsX6U67khDkvMY-AO7PWYSkg0EbaU_dheK9RjujF_2tyQCJxfhM9wqmLrq-hhKNdrBp-X41tqrFL3Y0nxdXSrkUN_ipabKe0XRoz77gnzJS3V0g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxnpxXyvfn2Qg1bDCPqjYmgpMmsX6U67khDkvMY-AO7PWYSkg0EbaU_dheK9RjujF_2tyQCJxfhM9wqmLrq-hhKNdrBp-X41tqrFL3Y0nxdXSrkUN_ipabKe0XRoz77gnzJS3V0g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTU5NTAzLDc0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9za2l0dGVycGhvdG8uY29tL3Bob3RvZ3JhcGhlcnMvODM3MTkvdGt0eHVzYTEiLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMz5VRiJy9OwG--o2Sg4RI-wGtUBww/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

369355f5a3b6b152cf581eeec774a5247914f7fa115dd1fceb0dba1ef7526e8d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xhoqa5BbwY0fP5G6uroqCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xhoqa5BbwY0fP5G6uroqCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA3BI9g3UaEDulz2ANAeLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OPqP_ljLJrBg469vTAAmvFdk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B34 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Feb 2024 10:55:41 GMT
expires: Sun, 02 Feb 2025 10:55:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 16F4 829 B
992 B 33ms
32ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bfc4cb0edb908b69b5028fdac9757854c725a49f679724209b069c5d10e8fc32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UCADugRXMVBD33SkdCQvOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skitterphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UCADugRXMVBD33SkdCQvOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Feb 2024 11:25:04 GMT
expires: Sat, 03 Feb 2024 11:25:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 2B33 4 KB
1 KB 80ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Feb 2024 11:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Feb 2024 10:06:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Feb 2024 11:25:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B33 205 B
651 B 71ms
21ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:04:37 GMT
x-content-type-options: nosniff
age: 318027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 Jan 2025 19:04:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B33 604 B
696 B 72ms
22ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:52:46 GMT
x-content-type-options: nosniff
age: 318738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 Jan 2025 18:52:46 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 2B33 16 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 20:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:15:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 2B33 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 20:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:15:07 GMT

GET
H3 200 AGSKWxWzsJziP-5HHJ2hzv6inB23XhO8-q_s6x6NSg6gxGECbWhfoMTWCdPN9bF-YeXK0hXZ4yvhxCdxCQiDh7q5lCemqwY9SOgZo13zsj7bF2kXC1HNiA_fNlhWgUi-KhKK6cfQ6m3bVw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWzsJziP-5HHJ2hzv6inB23XhO8-q_s6x6NSg6gxGECbWhfoMTWCdPN9bF-YeXK0hXZ4yvhxCdxCQiDh7q5lCemqwY9SOgZo13zsj7bF2kXC1HNiA_fNlhWgUi-KhKK6cfQ6m3bVw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTU5NTA0LDk2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZGUiXSwiaHR0cHM6Ly9za2l0dGVycGhvdG8uY29tL3Bob3RvZ3JhcGhlcnMvODM3MTkvdGt0eHVzYTEiLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e06e25b2781de8ab68250dae2f8d3ac85fa76a7199834384f4488e4a73971866

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n9tLSUjXfSsUXEbHYEk-IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n9tLSUjXfSsUXEbHYEk-IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA3BI9g3UaEDulz2ANAeLPmTNYfwNx2e1zrHVALCx3nlUaiIW4OSYc_bGWTaDj_Ds3AMtFVqg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 381B 478 B
199 B 59ms
58ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXx2a3GcPJitUUaUQJfpcIMGIBSyYCgVaaMyb2Mvi8TKPIsjLYnEnFn_vp-4urvhXpX2Kh7CQxMWJo8aadSULx7rea7pg

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Feb 2024 11:25:04 GMT
expires: Sat, 03 Feb 2024 11:25:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 115F 93 KB
33 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 11:25:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 115F 3 KB
1 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 115F 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 115F 205 KB
65 KB 129ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 11:25:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 115F 42 B
63 B 133ms
132ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Crtk5zwhM-u2wK_H_tzUwU7YKjsfjqRu8Xjwym2Fry6ZR5nD6zteKkBTIZFSZac7cnX-P5nGdCbKUlJTQlCrB_oDp1T0T5YM2xM1KAB2vIu9HGq7M

Requested by

Host: skitterphoto.com
URL: https://skitterphoto.com/photographers/83719/tktxusa1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 16F4 0
0 123ms
123ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=31040375612043&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B34 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 10:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Feb 2025 10:55:41 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 381B 170 B
243 B 103ms
39ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXx2a3GcPJitUUaUQJfpcIMGIBSyYCgVaaMyb2Mvi8TKPIsjLYnEnFn_vp-4urvhXpX2Kh7CQxMWJo8aadSULx7rea7pg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 381B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1&C=1

43 B
765 B

53ms
53ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXx2a3GcPJitUUaUQJfpcIMGIBSyYCgVaaMyb2Mvi8TKPIsjLYnEnFn_vp-4urvhXpX2Kh7CQxMWJo8aadSULx7rea7pg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d55JtnD9LoeaYf7eszOY1jZ4rafCUWctwf4rCDm2lLLjNlV62UbD%2FJa5MjYBPMXaZNSXuVOALtTDSqr5nspUXyGHXo3gY9FwQIQ4iIUC1sLzwD8wP0vfVQVLSWpfydD1lOa3uu7aF2Ajw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84fa4fa61b1c24c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4McPflVkCL798lwFaoGHKPAJH2lZ7fmWcb50YTvJ%2FYumbH1U4zwQ96egcbp9Lw8dnbYi0BnNz03ksDe8nxmuAcaT%2Bi2GwDHpzDqDQrOZoLz4V2Ai9FFqBqXx7sweZpGCiQxq7L5scjjydg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84fa4fa5b9a524c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 381B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb4ikJUfAYGDo5tyw3-8wgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1

43 B
733 B

58ms
58ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXx2a3GcPJitUUaUQJfpcIMGIBSyYCgVaaMyb2Mvi8TKPIsjLYnEnFn_vp-4urvhXpX2Kh7CQxMWJo8aadSULx7rea7pg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6zE6ADjP%2F5VEYQAg1hCuQG%2BspxQOGJ9YKfwp%2FPn%2FC5UjQoGuwtsWaMaKgTzkPNPruum2JOdJAqJyKRNTAoTMwubd09030PH4B4eqBFu5epJVQEaH23oDkHiZ36chk1OJK2CCRyvto7Q9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84fa4fa68c3524c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEf5EIcKdLLeRiPsDs5PIDU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame 65D6 9 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 19:16:56 GMT

GET
H2 200 7dfdf8b262144ac723bd8dfaa5b64477.js Show response
www.gstatic.com/mysidia/ Frame 65D6 146 KB
54 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7dfdf8b262144ac723bd8dfaa5b64477.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6de3ad3fa25f37085126f16608ca90955af860c946391979e227ee7fc12466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 00:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54855
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 21:57:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 00:18:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 65D6 21 KB
1 KB 34ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Feb 2024 11:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Feb 2024 11:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Feb 2024 11:25:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 65D6 2 KB
822 B 23ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 65D6 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 65D6 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 65D6 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65D6 205 KB
65 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 11:25:04 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 65D6 37 KB
15 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 18:57:20 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 115F 0
20 B 134ms
133ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1757804241461&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 115F 0
20 B 132ms
132ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1757804241461&version=m202401290101&ct=77&x=1&cor=14422140284619570000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 115F 20 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMPCxUTgd0k90z0hSoRjGRNTKgKLfqkEFIuSYY4OGxWg5HPbTiptTInchh3uQQNRolr_E8yvEesy1KWSCcOALo5w36QX49QFlr5JNsbuhQutmWdOS445TvwxKlJo3qqE-QGB9LB9c5DztXyUipRdEnCUXzrx5yDt3YCC0v8pct9a1WOkk&cry=1&dbm_d=AKAmf-ApZ3H-dyuVWopb3jO6JjrLJdLuUujxC-48D0Cd0PuhxmQLhmzz6GV1IElzOgPmcKBBLwH4mXRD7yFptWqZIjKiq7GDmA7RKhzXye3MWGRYlZbx3vP8QGxPeHlPDF1a7rgw603sXQg36CK-GjrSo942xqRXXVVtT0j5LYFpY3eSzeyv67pkYsVf38VKohklgM67wx2dF2wymPf3ZnQ4Q-8b7scR5RolQNGKavGlU88wyTuPBBR7h14v0_4RAimjltebJaiCAgzJR7D3mulZzEin_8X-nLddXwndkifOvhaIXD-n4npRheyzz7EM_tYsmhrJ0nGtNjyvxVMUhSfGLBqPxcVW3dRCRdzIn24zYeNp_b8mWvQL2cWRgYrT7eyu-dxbb2hmiSFZrzlXNWZIAXKEAbkgTkPDg0l2HZfhta0wdihfOuI6uYVmUNhQsJsvKLEm2T7y_OUgywta60Zf3fYMBNQGESPjwO1fYC6YxtwtSIRdTQE7ZSOARN2vyJZ2-1sth7F64YdJTf7XHHIDts4HG7LxAS97Sk28QyAI57Cy6AV2NNtMSPSRpvpXxUBF28UX4nUzA6qD3jb0yEcFHiXp8359Fj9dJ26VGfGHJ4NsHPIsS0jI7E1QVTBmL1eNvRkxXOckAe1qF_jV8AcH7O94g1ocJhnGGrmXYtlvP9qEedwwc8UUgZFdkEF4UfssHt9Sa-HBufjlqhO4HbQoh1_hiexd4MxNn9fCJlijWx4qphg8NcL_bnQdP7Eg39E3Q4pfGWmmQHv2MyCBJybVbGp55u6hEu24Q683S2IM4KWjfiveqsjLlN_cx2LLwY2KEXoP42-vL-5TpX14lcQOwMfnNtXGbcKSbUdaFh5L5FKWdWlVVx4kwD92ka3-UWoTWspMx77qUGAm-FEwSnMRaETxWb7d0uV9cEje8FIJbQhLSU1KVe8BteKsJjXDciSMKNCWrVZiRQ5Lx32p0QAjE7hAeVWAVVT2a7pKU1AQ9GUMDope7Gev6CQg0RoCy9NqyJ1vAvQSHK7arnusRWhpAi8fL8l4mWiL0oPSWcQ2kRCX2LLnaIgPpIk1G2YcZNOTkG8eZw2RhdZGh5amhhKcVJ3obHVg5aB-sRFxqCPJ6uQMp9p_NyLUGTkBliPy5YfLFJWWU9havSfSYsQv691vIeKa9mFTLpaqK1MaDBL2qSh7EB2p8VytAoE67ndwaIErOCbTZyGfWLSzfzW_eVftlQFp1HdI1Dp8LD8wR4MksKNT4_FQ8PJrERh_jv1a5bwLF3503XpaXiL3CIibj9rIa10KD7FJZYTcBihJ-qVg7sGmI9eP9gpiHmUgxGeWiPjAR47hSed-30mJ5z5ARp5M7CQWwzlndKvDMzAPEgpb_72wtcSWEcxbFAy1nulstKIcN3cBV0i47YQeyzFGLmGremCa1x2D8TnusvfJbNXfLjp-rwhcRsiemIducxiLQ3Q95zjiBDn4cJs_Z-V8si-VlMnxpo-4r24ZuRYbVl_uqotyTTnhwCgYEmtJvIHBaITZgWMynkSVsF_z6yQRV_SAVstMEil16NCs9jd-h0f_pU0jR3hMph0HoxiXDV7xZtuMoX3bUzX94Y6MCIW0i3uZ4rWCcqFMWbushRdYfxA0z8FFJSnL-G7KLqxSkABSAFNYIJwkCQGTi_z51YZx9ZCEVQvNA8ZBplelEPC76UgF4-E-jtGT6aLrynKa13cbwyQNe36p1AdDR8ilD5AA_YK35KB4PQg37tz8QjOZbcKBdJKhFNXfqY06M0erIBdMw9uVJzMazLXp9oRULtAggiWBGeIfmA4Z3F0JhDCunHDvSV7JHgvkwMvS2E6oLOoA7_zGyqNUCt4k3n2PjOAnHn4CN5uDa0oKs9gHyHk0GwEivAzMZuWgySfs87-9a5hrlFl0NGvyKZMo_kmF5UIC6EQD1zPpgVcsw4B5CcYkgZeHNJzMbU7rDsCAgVZ-kJr6OPPGmW875SnMSM6GlKcnKuEaqHZ0uUrhbyPRt_wwnDobepcJfRtB041KnHUSiZ84W1BIuyK01kcdlyDEojW6-f9fzVxhH5zDb0CowjX_zHHk7hqm95nIPGDQCWM5fT8lCZHXo5q9c_ukAqK9jGtUWnkT8nixS8F5UAR32zt5ZbqQAXbIyIWNmXRnMDHiAFjyh7XDgsVRc3rM9Vl1tlgA6kSAgToDqt3ltJVl8ygJnKBhinMeaD41sZLpYZfUJC4yeSFI6OJVO3LwBcxvWJ2vlhjupEsyBVBt3lMVULDWnSHdr6Yc5RbwLLAskgOc4-wTOQLOVOoRC-kxlKxZawYtGKFW_gb7f49gbsiJTnqg2g-BuTbTl7KmvMGfa5XZB0qQoXJMHCypLCb_UmiOT6M75kZUfGh-cb9_ZT4dXy0euFBoffRtezjsDkR9hfceaXg1uQ0KF118GFSwY_UYbCaIt6n8kp4wQ4O_VAJQ8sJL3EJEesEsbu8Cq5CaVdQvGRNGibhPLfkmt29DlKiFRGkj2dmsHVombg9iKoMOXmslGyr98ypM7wW5srJfSHRjCh4itBTDfhJenSG6nLVvu5t2xEj20hLC7Pmgjc5n6V4E0yRnAwciXCxg9EHCLgBlhPNZycuTfgVkw8VOYsvZvWj77YlLqT63x1zS5aWyGYIgZcraMvb0S8__IRaq7RigCSy2zaG20AXjd_nMnbn6GpATESsZBcllpkiSxfJDaQqfdVvOvFgzFsZ0v_U-7qzex0Bx8hG4UxIVfpGt1AZEUiSNUo7_MPOiGIauxhYaKoZ13hGbqPPvDXUTcc6b_Kwl7J1yZqoZrhhk_aF166KuFdeWFkPqudAPFQG0EkGyZczoiAwlMYKvs2SSjN9xmLESoQEZ1EmMvyxpRTwAu3XWtvtzueESL4DHTi_tCbEXgVxBkyoJLAQUwnrsIam2udJocz8QKDYw0yk7p7Sj8vztFE_3vaKexgTYcKGE_fGiPKA2ydC0fWEWR5dS60m7tn7orCn8cd3vlAjlxkyUSRZ_cQExv82-WInzFgn_yqxgFYcOGDc2m6xoi5lvVG84ZcqQEaHePblxY5RJBd1quxdhgBmuBNiOwBuDWIR2TefrnW1Xot6bNG7_Pke1WfGUbbDECOg85CNRyBVK7MdvCj63aUd_QpOCb2L6xskv5M3hs0RbJaM-8ZbZFxDfNKRKhWakn3bM0IBs5wEwGAYnUCooYKTD7o0PTHA_X2gHIvDvafx4WcluQJPqZJjHg0Evmu6GPqYXvBrHxpgKFBJWLpwWBn9p4JFe42GQ8mER5QY7n_MxrbQZ5kfcNlqobvBPQ6cxsCvPSh9TvfLrXUcRmwqhwO27go8aFUQdUdn-_T4bw9AkMnWtaTubyk15HzKZoWgLml6De-uFAuEqCtPUgUwhnbfqpt-Z3Ei0kyikJ3aI1Bzhd2c3q-uNJ8KsWq5R9NZMNG-unyQXa4hqjVxNFLAvnMGCIyy5W7H-c7RTT3PXryisCg7OsDuACbojdgyYz6NR5O-q6VFwzq-Nx5vrdD1dJL7DVzrt8fmgwPn3vQmvPq55U0uacgECWkfaoquEPlSiCvx68n_0J6lhPjcfl7rE5BpBYDTc2fptfy3ZmL6N9ziGIx2n4jUomhvSRxwBehRAv61VFcONLVDJ6x3B5cgq6zBuw4cD0Bb9dbwz8jb-oHax8unSH5T_fliS4BcYTA4TUGnhFcQdzcUYNMGouc16DyfIFOnHrt0Zahj-YnVEb3umB6BfVidJpjNfS3OalU-o3uuWfo_eTYWpRtSxy12_ySLUSYw8CCzGe-KZUYHoXHhQVVcIU9Y1sgOq_RfYCUn0vNeSllMkxGXmq5OeMDo_JyNPKUXSmD_xU0F2VjBwm6a9osrTZ_71FU5FnlB6HnCL4dRrXHCkCjcNa1dbdCz03HFKwwMrUWJrHa3LIDvLb7j7U6R0TDpxD74pF2OAkAhxyc0uoD2uEYRaX7HJ0ROMuLqd3hNADMZERbFwZogxom7E-h26NRGplBKSLiVFXyG6_kwlEc97kbUoSpL4Wd2XiDdlZ6foQRbF_P8Aag&cid=CAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fskitterphoto.com%2F&ds=l&xdt=1&iif=1&cor=14422140284619570000&adk=1877897942&idt=78&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c0bc10a39191a052355a465832408b2fd38054058a5172d28bea0118be8cca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13533
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8B34 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ImlCJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 115F 41 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMPCxUTgd0k90z0hSoRjGRNTKgKLfqkEFIuSYY4OGxWg5HPbTiptTInchh3uQQNRolr_E8yvEesy1KWSCcOALo5w36QX49QFlr5JNsbuhQutmWdOS445TvwxKlJo3qqE-QGB9LB9c5DztXyUipRdEnCUXzrx5yDt3YCC0v8pct9a1WOkk&cry=1&dbm_d=AKAmf-ApZ3H-dyuVWopb3jO6JjrLJdLuUujxC-48D0Cd0PuhxmQLhmzz6GV1IElzOgPmcKBBLwH4mXRD7yFptWqZIjKiq7GDmA7RKhzXye3MWGRYlZbx3vP8QGxPeHlPDF1a7rgw603sXQg36CK-GjrSo942xqRXXVVtT0j5LYFpY3eSzeyv67pkYsVf38VKohklgM67wx2dF2wymPf3ZnQ4Q-8b7scR5RolQNGKavGlU88wyTuPBBR7h14v0_4RAimjltebJaiCAgzJR7D3mulZzEin_8X-nLddXwndkifOvhaIXD-n4npRheyzz7EM_tYsmhrJ0nGtNjyvxVMUhSfGLBqPxcVW3dRCRdzIn24zYeNp_b8mWvQL2cWRgYrT7eyu-dxbb2hmiSFZrzlXNWZIAXKEAbkgTkPDg0l2HZfhta0wdihfOuI6uYVmUNhQsJsvKLEm2T7y_OUgywta60Zf3fYMBNQGESPjwO1fYC6YxtwtSIRdTQE7ZSOARN2vyJZ2-1sth7F64YdJTf7XHHIDts4HG7LxAS97Sk28QyAI57Cy6AV2NNtMSPSRpvpXxUBF28UX4nUzA6qD3jb0yEcFHiXp8359Fj9dJ26VGfGHJ4NsHPIsS0jI7E1QVTBmL1eNvRkxXOckAe1qF_jV8AcH7O94g1ocJhnGGrmXYtlvP9qEedwwc8UUgZFdkEF4UfssHt9Sa-HBufjlqhO4HbQoh1_hiexd4MxNn9fCJlijWx4qphg8NcL_bnQdP7Eg39E3Q4pfGWmmQHv2MyCBJybVbGp55u6hEu24Q683S2IM4KWjfiveqsjLlN_cx2LLwY2KEXoP42-vL-5TpX14lcQOwMfnNtXGbcKSbUdaFh5L5FKWdWlVVx4kwD92ka3-UWoTWspMx77qUGAm-FEwSnMRaETxWb7d0uV9cEje8FIJbQhLSU1KVe8BteKsJjXDciSMKNCWrVZiRQ5Lx32p0QAjE7hAeVWAVVT2a7pKU1AQ9GUMDope7Gev6CQg0RoCy9NqyJ1vAvQSHK7arnusRWhpAi8fL8l4mWiL0oPSWcQ2kRCX2LLnaIgPpIk1G2YcZNOTkG8eZw2RhdZGh5amhhKcVJ3obHVg5aB-sRFxqCPJ6uQMp9p_NyLUGTkBliPy5YfLFJWWU9havSfSYsQv691vIeKa9mFTLpaqK1MaDBL2qSh7EB2p8VytAoE67ndwaIErOCbTZyGfWLSzfzW_eVftlQFp1HdI1Dp8LD8wR4MksKNT4_FQ8PJrERh_jv1a5bwLF3503XpaXiL3CIibj9rIa10KD7FJZYTcBihJ-qVg7sGmI9eP9gpiHmUgxGeWiPjAR47hSed-30mJ5z5ARp5M7CQWwzlndKvDMzAPEgpb_72wtcSWEcxbFAy1nulstKIcN3cBV0i47YQeyzFGLmGremCa1x2D8TnusvfJbNXfLjp-rwhcRsiemIducxiLQ3Q95zjiBDn4cJs_Z-V8si-VlMnxpo-4r24ZuRYbVl_uqotyTTnhwCgYEmtJvIHBaITZgWMynkSVsF_z6yQRV_SAVstMEil16NCs9jd-h0f_pU0jR3hMph0HoxiXDV7xZtuMoX3bUzX94Y6MCIW0i3uZ4rWCcqFMWbushRdYfxA0z8FFJSnL-G7KLqxSkABSAFNYIJwkCQGTi_z51YZx9ZCEVQvNA8ZBplelEPC76UgF4-E-jtGT6aLrynKa13cbwyQNe36p1AdDR8ilD5AA_YK35KB4PQg37tz8QjOZbcKBdJKhFNXfqY06M0erIBdMw9uVJzMazLXp9oRULtAggiWBGeIfmA4Z3F0JhDCunHDvSV7JHgvkwMvS2E6oLOoA7_zGyqNUCt4k3n2PjOAnHn4CN5uDa0oKs9gHyHk0GwEivAzMZuWgySfs87-9a5hrlFl0NGvyKZMo_kmF5UIC6EQD1zPpgVcsw4B5CcYkgZeHNJzMbU7rDsCAgVZ-kJr6OPPGmW875SnMSM6GlKcnKuEaqHZ0uUrhbyPRt_wwnDobepcJfRtB041KnHUSiZ84W1BIuyK01kcdlyDEojW6-f9fzVxhH5zDb0CowjX_zHHk7hqm95nIPGDQCWM5fT8lCZHXo5q9c_ukAqK9jGtUWnkT8nixS8F5UAR32zt5ZbqQAXbIyIWNmXRnMDHiAFjyh7XDgsVRc3rM9Vl1tlgA6kSAgToDqt3ltJVl8ygJnKBhinMeaD41sZLpYZfUJC4yeSFI6OJVO3LwBcxvWJ2vlhjupEsyBVBt3lMVULDWnSHdr6Yc5RbwLLAskgOc4-wTOQLOVOoRC-kxlKxZawYtGKFW_gb7f49gbsiJTnqg2g-BuTbTl7KmvMGfa5XZB0qQoXJMHCypLCb_UmiOT6M75kZUfGh-cb9_ZT4dXy0euFBoffRtezjsDkR9hfceaXg1uQ0KF118GFSwY_UYbCaIt6n8kp4wQ4O_VAJQ8sJL3EJEesEsbu8Cq5CaVdQvGRNGibhPLfkmt29DlKiFRGkj2dmsHVombg9iKoMOXmslGyr98ypM7wW5srJfSHRjCh4itBTDfhJenSG6nLVvu5t2xEj20hLC7Pmgjc5n6V4E0yRnAwciXCxg9EHCLgBlhPNZycuTfgVkw8VOYsvZvWj77YlLqT63x1zS5aWyGYIgZcraMvb0S8__IRaq7RigCSy2zaG20AXjd_nMnbn6GpATESsZBcllpkiSxfJDaQqfdVvOvFgzFsZ0v_U-7qzex0Bx8hG4UxIVfpGt1AZEUiSNUo7_MPOiGIauxhYaKoZ13hGbqPPvDXUTcc6b_Kwl7J1yZqoZrhhk_aF166KuFdeWFkPqudAPFQG0EkGyZczoiAwlMYKvs2SSjN9xmLESoQEZ1EmMvyxpRTwAu3XWtvtzueESL4DHTi_tCbEXgVxBkyoJLAQUwnrsIam2udJocz8QKDYw0yk7p7Sj8vztFE_3vaKexgTYcKGE_fGiPKA2ydC0fWEWR5dS60m7tn7orCn8cd3vlAjlxkyUSRZ_cQExv82-WInzFgn_yqxgFYcOGDc2m6xoi5lvVG84ZcqQEaHePblxY5RJBd1quxdhgBmuBNiOwBuDWIR2TefrnW1Xot6bNG7_Pke1WfGUbbDECOg85CNRyBVK7MdvCj63aUd_QpOCb2L6xskv5M3hs0RbJaM-8ZbZFxDfNKRKhWakn3bM0IBs5wEwGAYnUCooYKTD7o0PTHA_X2gHIvDvafx4WcluQJPqZJjHg0Evmu6GPqYXvBrHxpgKFBJWLpwWBn9p4JFe42GQ8mER5QY7n_MxrbQZ5kfcNlqobvBPQ6cxsCvPSh9TvfLrXUcRmwqhwO27go8aFUQdUdn-_T4bw9AkMnWtaTubyk15HzKZoWgLml6De-uFAuEqCtPUgUwhnbfqpt-Z3Ei0kyikJ3aI1Bzhd2c3q-uNJ8KsWq5R9NZMNG-unyQXa4hqjVxNFLAvnMGCIyy5W7H-c7RTT3PXryisCg7OsDuACbojdgyYz6NR5O-q6VFwzq-Nx5vrdD1dJL7DVzrt8fmgwPn3vQmvPq55U0uacgECWkfaoquEPlSiCvx68n_0J6lhPjcfl7rE5BpBYDTc2fptfy3ZmL6N9ziGIx2n4jUomhvSRxwBehRAv61VFcONLVDJ6x3B5cgq6zBuw4cD0Bb9dbwz8jb-oHax8unSH5T_fliS4BcYTA4TUGnhFcQdzcUYNMGouc16DyfIFOnHrt0Zahj-YnVEb3umB6BfVidJpjNfS3OalU-o3uuWfo_eTYWpRtSxy12_ySLUSYw8CCzGe-KZUYHoXHhQVVcIU9Y1sgOq_RfYCUn0vNeSllMkxGXmq5OeMDo_JyNPKUXSmD_xU0F2VjBwm6a9osrTZ_71FU5FnlB6HnCL4dRrXHCkCjcNa1dbdCz03HFKwwMrUWJrHa3LIDvLb7j7U6R0TDpxD74pF2OAkAhxyc0uoD2uEYRaX7HJ0ROMuLqd3hNADMZERbFwZogxom7E-h26NRGplBKSLiVFXyG6_kwlEc97kbUoSpL4Wd2XiDdlZ6foQRbF_P8Aag&cid=CAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fskitterphoto.com%2F&ds=l&xdt=1&iif=1&cor=14422140284619570000&adk=1877897942&idt=78&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:13:00 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjk1OTUwNDIyNjUxOAogIHNlcnZlcl9pcDogMTM5Nzk1MTU1CiAgcHJvY2Vzc19pZDogMjcwMTU5Nzk3Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 115F 0
867 B 119ms
56ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjk1OTUwNDIyNjUxOAogIHNlcnZlcl9pcDogMTM5Nzk1MTU1CiAgcHJvY2Vzc19pZDogMjcwMTU5Nzk3Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA5NjEwNDAyNDg1Mzc5NDEyOTkxCmRlYnVnX2tleTogNTM2ODY4NzAwMTc1Mjg4NzQ1OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjA3MDU1NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjI2NzkwMjA5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE1Mzc2NTM3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xef89c319ac1df5120000000000000000","13":"0xf6af092aab4a499d0000000000000000","14":"0x7d98ee1d37fb803f0000000000000000","15":"0x8d3fd26ab4e811c30000000000000000"},"debug_key":"5368687001752887459","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"9610402485379412991"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khr4rmdzysvp Show response
hal9000.redintelligence.net/zone/ Frame 115F 11 KB
4 KB 90ms
27ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/khr4rmdzysvp?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf_4kjyK-ZdnEAvmQtOUPjbye8AuRwdCbaYP1g5LcD_AuEAEgr7DrJGD1hYCAzATIAQmpAkTCD6pwGbI-qAMByAObBKoEmgJP0NlnBe8Teix4McyQpt8re_jFsfut8nMx7bh8iG1iNK9yhabuwVLvwooZIryq90cxTb6iagLjBDVIYE66gXvWLwP3eiiJFpCL7jDgvafVtt7bdA8dOaIlmUvbS3Gcde4fWHluOfy0lr1W5oR3igC0Rq12g5NoevS5h-P1lfVf1doEvFO0HjZZ_xk87B7ZKH62QJAQ9-BEVP-0ldyhIFp2IrqhQGOiUlalrTtq6QPQm9dJpYfef6JmqbpP8az0eal2sdOdaby2UDsglxE8vatPF6ixI2xsJTahdgwKoUkwYuUXT1md_1hVhiQy6LFySxHiutYHFPqQwoXjV_xVeBhuuPMDqKxSCLbhwuwcnsV85uuyZnnyd-MNtZvABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1tXH1oePhAOACgGYCwHICwGADAGqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB%26sig%3DAOD64_2CaegZtPtmCbPojNPHRPcXs2LOgQ%26client%3Dca-pub-9805514773957839%26dbm_c%3DAKAmf-COxHXEEoa6RhzUPfYNyMHAWok8F_Eh9efdogd9a6vHYcI9wFMdHh2d5VYfmSK2Ln-BxTi6VqMR1JyKeV05Mq3pdPxTlS-ft-bDuvixhf93JwBoO0AQNjsiumsBLcRXdDlN_QG0Zdr0mb5dY8G85WzORDFc0ZeQORMQYDDIr5aTZhkKroA%26cry%3D1%26dbm_d%3DAKAmf-CuaSaE1kolfz-5pY_oxGKT5Hxdugs4Oo-CsBlYEOSR0WSWLIfBefP7jK9S6kRThVSQvL2LOuyFBPZUfDyKGxdY58idqan5wR2VQE6XbO1gkCjDJ_mad9EFKoz4skcMbEypJuCAiIPpNLnL2yF5zWGB8QfaQ_RtBfCK82prajNjzET3EaAREAl7wRIiMSix3np4I3Fb-mPRFNiLF6PXDaT__VChKPMyspS5RKW2uYa9Ot6M3n3CmBQKjVfcElUpxSz3KIxAIrRfKYXKQ-PsSTOAa_VK_nh4guGzKXiZiZVyO2kVNkdpqsWA7C9nmlAgbhFkf9A4CfOh5deR7wNFE4W0agzQMiOU74y42kVu3KumhzTAZ3P2pIsxY0TWIoCwZOQgPWB2QkaZPJ2hKPktb4Od8KNv9imWBKApb_2F_Utua_0Y88qkAuY719P8Fyvvf65ncpV8qtVUXv8wN2PMCgujdcx1q13Wep_VsGt_MV5cF45bVmlkSAYf5W4LpavmG11sKKD8NPV7kiEDKFi7t_sU35atG7Oy2R77gvAK_LkGCHfGzqviF0QtGNcoudq7azmvZDTJpGgrtf5midOoBXV-olZT72qgn4yoYcjddUxOmzC0ffg%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: ee60209e5bbce23b8549d3bf9ed2f3e89c85a5460aed3f4d6830071fc63f2840

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Feb 2024 11:25:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4238
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4306 38 KB
13 KB 21ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 317353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:15:51 GMT
expires: Wed, 29 Jan 2025 19:15:51 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B14 51 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 318872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:50:32 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4306 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 10:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Feb 2025 10:55:41 GMT

GET
H/1.1

200
OK

request.php Show response
hal900013.redintelligence.net/ Frame 115F
Redirect Chain

https://hal900013.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900013.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
937 B

162ms
112ms

Script
application/x-javascript

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf_4kjyK-ZdnEAvmQtOUPjbye8AuRwdCbaYP1g5LcD_AuEAEgr7DrJGD1hYCAzATIAQmpAkTCD6pwGbI-qAMByAObBKoEmgJP0NlnBe8Teix4McyQpt8re_jFsfut8nMx7bh8iG1iNK9yhabuwVLvwooZIryq90cxTb6iagLjBDVIYE66gXvWLwP3eiiJFpCL7jDgvafVtt7bdA8dOaIlmUvbS3Gcde4fWHluOfy0lr1W5oR3igC0Rq12g5NoevS5h-P1lfVf1doEvFO0HjZZ_xk87B7ZKH62QJAQ9-BEVP-0ldyhIFp2IrqhQGOiUlalrTtq6QPQm9dJpYfef6JmqbpP8az0eal2sdOdaby2UDsglxE8vatPF6ixI2xsJTahdgwKoUkwYuUXT1md_1hVhiQy6LFySxHiutYHFPqQwoXjV_xVeBhuuPMDqKxSCLbhwuwcnsV85uuyZnnyd-MNtZvABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1tXH1oePhAOACgGYCwHICwGADAGqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB%26sig%3DAOD64_2CaegZtPtmCbPojNPHRPcXs2LOgQ%26client%3Dca-pub-9805514773957839%26dbm_c%3DAKAmf-COxHXEEoa6RhzUPfYNyMHAWok8F_Eh9efdogd9a6vHYcI9wFMdHh2d5VYfmSK2Ln-BxTi6VqMR1JyKeV05Mq3pdPxTlS-ft-bDuvixhf93JwBoO0AQNjsiumsBLcRXdDlN_QG0Zdr0mb5dY8G85WzORDFc0ZeQORMQYDDIr5aTZhkKroA%26cry%3D1%26dbm_d%3DAKAmf-CuaSaE1kolfz-5pY_oxGKT5Hxdugs4Oo-CsBlYEOSR0WSWLIfBefP7jK9S6kRThVSQvL2LOuyFBPZUfDyKGxdY58idqan5wR2VQE6XbO1gkCjDJ_mad9EFKoz4skcMbEypJuCAiIPpNLnL2yF5zWGB8QfaQ_RtBfCK82prajNjzET3EaAREAl7wRIiMSix3np4I3Fb-mPRFNiLF6PXDaT__VChKPMyspS5RKW2uYa9Ot6M3n3CmBQKjVfcElUpxSz3KIxAIrRfKYXKQ-PsSTOAa_VK_nh4guGzKXiZiZVyO2kVNkdpqsWA7C9nmlAgbhFkf9A4CfOh5deR7wNFE4W0agzQMiOU74y42kVu3KumhzTAZ3P2pIsxY0TWIoCwZOQgPWB2QkaZPJ2hKPktb4Od8KNv9imWBKApb_2F_Utua_0Y88qkAuY719P8Fyvvf65ncpV8qtVUXv8wN2PMCgujdcx1q13Wep_VsGt_MV5cF45bVmlkSAYf5W4LpavmG11sKKD8NPV7kiEDKFi7t_sU35atG7Oy2R77gvAK_LkGCHfGzqviF0QtGNcoudq7azmvZDTJpGgrtf5midOoBXV-olZT72qgn4yoYcjddUxOmzC0ffg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240131%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9805514773957839%26fa%3D1%26ifi%3D3%26uci%3Da!3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fskitterphoto.com&random=6878160278562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 706721cce9518ee5d71b0dce4a44ae81a958eb87f63870af6c53953aa284e6d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Feb 2024 11:25:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 18131300063646304438266012589013
Connection: close
Content-Length: 331
Expires: Sat, 03 Feb 2024 11:25:04 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 03 Feb 2024 11:25:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf_4kjyK-ZdnEAvmQtOUPjbye8AuRwdCbaYP1g5LcD_AuEAEgr7DrJGD1hYCAzATIAQmpAkTCD6pwGbI-qAMByAObBKoEmgJP0NlnBe8Teix4McyQpt8re_jFsfut8nMx7bh8iG1iNK9yhabuwVLvwooZIryq90cxTb6iagLjBDVIYE66gXvWLwP3eiiJFpCL7jDgvafVtt7bdA8dOaIlmUvbS3Gcde4fWHluOfy0lr1W5oR3igC0Rq12g5NoevS5h-P1lfVf1doEvFO0HjZZ_xk87B7ZKH62QJAQ9-BEVP-0ldyhIFp2IrqhQGOiUlalrTtq6QPQm9dJpYfef6JmqbpP8az0eal2sdOdaby2UDsglxE8vatPF6ixI2xsJTahdgwKoUkwYuUXT1md_1hVhiQy6LFySxHiutYHFPqQwoXjV_xVeBhuuPMDqKxSCLbhwuwcnsV85uuyZnnyd-MNtZvABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1tXH1oePhAOACgGYCwHICwGADAGqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB%26sig%3DAOD64_2CaegZtPtmCbPojNPHRPcXs2LOgQ%26client%3Dca-pub-9805514773957839%26dbm_c%3DAKAmf-COxHXEEoa6RhzUPfYNyMHAWok8F_Eh9efdogd9a6vHYcI9wFMdHh2d5VYfmSK2Ln-BxTi6VqMR1JyKeV05Mq3pdPxTlS-ft-bDuvixhf93JwBoO0AQNjsiumsBLcRXdDlN_QG0Zdr0mb5dY8G85WzORDFc0ZeQORMQYDDIr5aTZhkKroA%26cry%3D1%26dbm_d%3DAKAmf-CuaSaE1kolfz-5pY_oxGKT5Hxdugs4Oo-CsBlYEOSR0WSWLIfBefP7jK9S6kRThVSQvL2LOuyFBPZUfDyKGxdY58idqan5wR2VQE6XbO1gkCjDJ_mad9EFKoz4skcMbEypJuCAiIPpNLnL2yF5zWGB8QfaQ_RtBfCK82prajNjzET3EaAREAl7wRIiMSix3np4I3Fb-mPRFNiLF6PXDaT__VChKPMyspS5RKW2uYa9Ot6M3n3CmBQKjVfcElUpxSz3KIxAIrRfKYXKQ-PsSTOAa_VK_nh4guGzKXiZiZVyO2kVNkdpqsWA7C9nmlAgbhFkf9A4CfOh5deR7wNFE4W0agzQMiOU74y42kVu3KumhzTAZ3P2pIsxY0TWIoCwZOQgPWB2QkaZPJ2hKPktb4Od8KNv9imWBKApb_2F_Utua_0Y88qkAuY719P8Fyvvf65ncpV8qtVUXv8wN2PMCgujdcx1q13Wep_VsGt_MV5cF45bVmlkSAYf5W4LpavmG11sKKD8NPV7kiEDKFi7t_sU35atG7Oy2R77gvAK_LkGCHfGzqviF0QtGNcoudq7azmvZDTJpGgrtf5midOoBXV-olZT72qgn4yoYcjddUxOmzC0ffg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240131%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9805514773957839%26fa%3D1%26ifi%3D3%26uci%3Da!3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fskitterphoto.com&random=6878160278562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 03 Feb 2024 11:25:04 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4306 0
20 B 139ms
138ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFHzxkCK-ZdbpDdO11PIPmbqciAoAAAAAOAHgBAI&bg=!ExClEF_NAAa8BdJLnAU7ADQBe5WfOFXGb0gF0ayfu6h739Pve6VGOJBwL6QXjF_3DCCo4eDkc195VHCxhHa4hyjJtUMdAgAAAGVSAAAAAWgBB5kC_14uteAIGul5vJUDUPF6WcY_AeKWzZfZd4T6xQ19MBWK7DhC3r3-_gRhNbbOB7Krswtv6bSMN6-7ZmN7s_0pEMenOvra_4oePw10ypGCwbE3JNm04Oi58Ty2bq4XkeZOGIm8-JQJDFEjjO0zuw3NuUWYIdPBa_Z9Tlww_9R2OYMApeFlVUPCSiLGVwJ9GON-3NP-33gVFRyYaBvPIYUBQMieuyGwmIo4TgU5OxpnbO8GGhWgX0VoEdAmevNozTGByqtEYWqhcTdYnuIKm7rz8EcmN_DxyJjh176SvZ-JRgceotvd51mAsyqd6c4tqatrUGRFY0wMGH8Iur-pHr0D5tX0F6wJF1-J7szsIfFhQX8d7ORO6K_YBMgvyuBnIAf0s5a0FEmyOmz8wNV49kbd_P6pQjDtZ1TJRgzhnkdLJk5W3IuaTfU6JDazfFcp0InulFSsAVI7PvApaIVy6y8RJRoDkeoVxwRZcHDiq4SmJTrxDUh-ZdZIpi52ZcvCzfbQ0fFrWq--AGqJHRW6uRwiuHo5mXjA0nafZUQuf44KSjZ2J5-vFjhEiZBmbnqVb71wxQXuHQd5gY-67EEiMarS5otbNHVLR4sk8_7rsBvluakkGf9WE-miimYmXZTbPxc46e0wznbaH699OIo344NO-fqjQLss9KAipihMuFX0oV_JKQ19pkSSPk7ExyKtX0sVKDmGSgpTsFpPI5n_5ztFYlz7ejVAmwWeRXHuws_97KupCvUbp1qzMH5FXJj64K6NoTBL9MMbKXjQvaiV4CrmJ12kkEE49laFp_CR6lmHWl2IVwqhAnJWnYk2STgi-IqMwvhYPS3Qfu5_e-RL222EvkwMOJaZPYbfaI1PXQjMJg32gdRRUdlFL9E_LdbuKL3xrv9lmuDjtNlaad5p5PuArhnZKfSK5WxuG5M3EsIdLAN1ww366ZWLoOLBEp-Bcxgph5E4rxClzxILecgM40md10X-052M1JmqYAw6OChjPfe3DyUSiR1pO-mQg3KPQl6e

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 9D11 4 KB
2 KB 76ms
26ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=b8927e31f9&subid=&uid=5e1ef834eabddd38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCf_4kjyK-ZdnEAvmQtOUPjbye8AuRwdCbaYP1g5LcD_AuEAEgr7DrJGD1hYCAzATIAQmpAkTCD6pwGbI-qAMByAObBKoEmgJP0NlnBe8Teix4McyQpt8re_jFsfut8nMx7bh8iG1iNK9yhabuwVLvwooZIryq90cxTb6iagLjBDVIYE66gXvWLwP3eiiJFpCL7jDgvafVtt7bdA8dOaIlmUvbS3Gcde4fWHluOfy0lr1W5oR3igC0Rq12g5NoevS5h-P1lfVf1doEvFO0HjZZ_xk87B7ZKH62QJAQ9-BEVP-0ldyhIFp2IrqhQGOiUlalrTtq6QPQm9dJpYfef6JmqbpP8az0eal2sdOdaby2UDsglxE8vatPF6ixI2xsJTahdgwKoUkwYuUXT1md_1hVhiQy6LFySxHiutYHFPqQwoXjV_xVeBhuuPMDqKxSCLbhwuwcnsV85uuyZnnyd-MNtZvABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1tXH1oePhAOACgGYCwHICwGADAGqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB%26sig%3DAOD64_2CaegZtPtmCbPojNPHRPcXs2LOgQ%26client%3Dca-pub-9805514773957839%26dbm_c%3DAKAmf-COxHXEEoa6RhzUPfYNyMHAWok8F_Eh9efdogd9a6vHYcI9wFMdHh2d5VYfmSK2Ln-BxTi6VqMR1JyKeV05Mq3pdPxTlS-ft-bDuvixhf93JwBoO0AQNjsiumsBLcRXdDlN_QG0Zdr0mb5dY8G85WzORDFc0ZeQORMQYDDIr5aTZhkKroA%26cry%3D1%26dbm_d%3DAKAmf-CuaSaE1kolfz-5pY_oxGKT5Hxdugs4Oo-CsBlYEOSR0WSWLIfBefP7jK9S6kRThVSQvL2LOuyFBPZUfDyKGxdY58idqan5wR2VQE6XbO1gkCjDJ_mad9EFKoz4skcMbEypJuCAiIPpNLnL2yF5zWGB8QfaQ_RtBfCK82prajNjzET3EaAREAl7wRIiMSix3np4I3Fb-mPRFNiLF6PXDaT__VChKPMyspS5RKW2uYa9Ot6M3n3CmBQKjVfcElUpxSz3KIxAIrRfKYXKQ-PsSTOAa_VK_nh4guGzKXiZiZVyO2kVNkdpqsWA7C9nmlAgbhFkf9A4CfOh5deR7wNFE4W0agzQMiOU74y42kVu3KumhzTAZ3P2pIsxY0TWIoCwZOQgPWB2QkaZPJ2hKPktb4Od8KNv9imWBKApb_2F_Utua_0Y88qkAuY719P8Fyvvf65ncpV8qtVUXv8wN2PMCgujdcx1q13Wep_VsGt_MV5cF45bVmlkSAYf5W4LpavmG11sKKD8NPV7kiEDKFi7t_sU35atG7Oy2R77gvAK_LkGCHfGzqviF0QtGNcoudq7azmvZDTJpGgrtf5midOoBXV-olZT72qgn4yoYcjddUxOmzC0ffg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240131%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9805514773957839%26fa%3D1%26ifi%3D3%26uci%3Da!3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fskitterphoto.com&random=6878160278562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: fc0cb45b28f36c3eb1d8814fc8f23eec89adedba86d457e4b6c0012ec1b1c14b

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1502
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Feb 2024 11:25:04 GMT
Expires: Sat, 03 Feb 2024 11:25:04 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 115F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54298ba1510b5756a383b61b3e9deb83d3d7db06a4ee96737a6c489f18f1347d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
128ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=31040375612043&bg=!AQKlAk3NAAa8BdJLnAU7ADQBe5WfOBw-kYUL3vo9Bf3XHQLcycih4po8FTjrJpmoqgYJUusAA8BKZyLm7lHE0qhVfX2uAgAAAEtSAAAAAmgBBwoAPBrjs29nhvt8gU8wRejUyChjk5GsreVY5nWvKyt9co5T5Giefve4v3og3PeP-9oofe0ySFJ-G4XGgkh56ZkCv9m3o9er4vjVrSpuecghtH5kNWxqYBp65QUKI1DydPQsHQ7VYrcsx3SBPrMilr1X5XyqXTFsBGwjKj0zKL1YMXjd-LDrNOMK6dC6SobYvcfz0_iiR3iPFNMUnoY7797XgFyHlXj-vzeQuzw80i0AbJ_677ylfKV1ToO8t5yTuKRG-WzHvv1LJ9OGLYHmzKaCutNOhK82TptD6mINsPuRCqRe_swso_-J1fsA4pHTAhS2mtzp8RgaT-7_ajYFCPYP6Zeub4-UQwM4tVrABT4t543SGWoPspK_aehoxXyOrDwxJkCLgBpA8S-MxcLOekdKykZKWaFjo7sjQGkUGy__p4FdatOOsrX6IynRwmKPiQICZT5SUH-pRmCqAyaefr66WHajvu2-pZ3GU1cjmApVVQDNuvgKBacWtKPFYeicFeWAmb_dmhMO6yQg5OJJJPWt1G01lsLWYb6nlTh8cbj6jfacpyO1UZWykoPq575z-6R3W1mxTP8sn7Rngw8_IlOk4UAr48eLGcsrtLBlM6KpuTZzXrqWFR2DShKxaZ31DVJ4YxGj1HoPll_GveX44t_kIJiwEK0Z8IvU-I6cmMPozcvhq2prRBh_pTxzqBN-ImQFPueLdBOmejhNrkk2qoxuyhRZuXNrm-v_yku8n7coU2RwE-wuV2vduL8DfpzzIC4GVPUTp9wsVqf4_x_DnXBx2MaX2uIWRTr7D4s1G8Z42y7sGp6Th46WxrYA_oakWtlnI5vf6tHK9t8hY2RDDYbSmrMPIWZhAN_sq_j8PRIUPcu9pOYS1ml7VoNisU2WTk8COzeYFNLkLMn1a5-oXL2wKmelg7D_Fva1OLOGRsdJwkUXSMhBbNBAxoQJfE6YsRr77xdJZWgHAIZSb6elNmbMrxFL3JiCf2100ptTTqCHw8lHDJrhT2twYFFKIV9IzTY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 9D11 24 KB
24 KB 124ms
42ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Feb 2024 11:25:04 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 9D11 0
150 B 77ms
26ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=18131300063646304438266012589013&a=20dd0799&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Feb 2024 11:25:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 9D11 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 ad728x._BannerAd_ Show response
fundingchoicesmessages.google.com/f/AGSKWxW1X1nVsRAuc1GXPEJf8o5WcsBZdFEfArxTR0glTUkTliGEipI9p4w58IWweJUc5xqpvyoM4kl1DNT-An0L_CpP52SVvjIouUzLpBb7BSi6zzgqMfPycsGWSm-cAUb8NQ79I66zGzhjsOsKqoFonu96uuu_C... 54 B
108 B 40ms
40ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1X1nVsRAuc1GXPEJf8o5WcsBZdFEfArxTR0glTUkTliGEipI9p4w58IWweJUc5xqpvyoM4kl1DNT-An0L_CpP52SVvjIouUzLpBb7BSi6zzgqMfPycsGWSm-cAUb8NQ79I66zGzhjsOsKqoFonu96uuu_CfF8bX-m3m0rMtI8yK5mqc7bFmWfbHDw/_/125x600_/ads/a./ads/overlay-/ad728x._BannerAd_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxyli0GUH1qw5S5ieLhzZRcHATUTw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71d1fe1f072ae11927dcc4d4617b9c3a9cd9359016d64bdeb526275685060648

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AAGv6ggrbBtmKudx-Ep-mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AAGv6ggrbBtmKudx-Ep-mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KIhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZBL6-ZJIAYi0gfif5iukbEO_w8WB5Ez6dlS9iOitbBZAG4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCwsd55VGoiFeDgmHP2xlk3gQO-_LmYASfBcCA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24657
x-xss-protection: 0
server: cafe
etag: 1770201614985610734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 12:00:22 GMT

POST
H3 204 AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 83ms
34ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bJ0oVDFdTuofGsMrQ74r5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bJ0oVDFdTuofGsMrQ74r5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcEw4-mMtm8CDw_cWMAMA6xwjCQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skitterphoto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 91ms
69ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MZFEVJVuj9SYixhaE5Xkcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-MZFEVJVuj9SYixhaE5Xkcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcEw4-mMtm8CN_psbmQHrjyLd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://skitterphoto.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 46ms
37ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gpnKCn_hB1NwScKY50XzDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gpnKCn_hB1NwScKY50XzDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcEw4-mMtm0DH_cmLmAHnnyKA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://skitterphoto.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 45ms
36ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YjV62VIdfMZoAdbnH3pouw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YjV62VIdfMZoAdbnH3pouw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcEw4-mMtm8CFN3cXMgMA73cjLg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skitterphoto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUHyxPYq4Qn8maM5WvC5TNkDnd4GPPZPtIvSE3mrAVX0EwDZa1eCwNtNlyAfQnYveLtDAqpYhm1aOuNHk7Vxlp2hrD17wT7S8nc1AWfsFBZHNVu_obtnKS-a7JH_svi0p3sBVmYgg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUHyxPYq4Qn8maM5WvC5TNkDnd4GPPZPtIvSE3mrAVX0EwDZa1eCwNtNlyAfQnYveLtDAqpYhm1aOuNHk7Vxlp2hrD17wT7S8nc1AWfsFBZHNVu_obtnKS-a7JH_svi0p3sBVmYgg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTU5NTA0LDg0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9za2l0dGVycGhvdG8uY29tL3Bob3RvZ3JhcGhlcnMvODM3MTkvdGt0eHVzYTEiLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccbb44af712311feaf91b3e8fe133c6b3a383f9feb631280d59575cc5bae040d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NP4GfSdI5AJmcITHEZPqMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://skitterphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-NP4GfSdI5AJmcITHEZPqMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA3BI9g3UaEDulz2ANAeLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OCYc_bGWTeDB3_5lzAAo81c5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU3jo3QaeuE9NzPNw82y4ELvyR0v-O3ecmoKENlgDfe2fKGIfYyc0VX-zrkxZhivsQ9ulwpCJwHUycE_jF7lzoqvbFU2qNkhTirUuSjCde3qJ_Ln1ZWiEhS8JKaIFZwP2lFCR5Ulw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 40ms
40ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU3jo3QaeuE9NzPNw82y4ELvyR0v-O3ecmoKENlgDfe2fKGIfYyc0VX-zrkxZhivsQ9ulwpCJwHUycE_jF7lzoqvbFU2qNkhTirUuSjCde3qJ_Ln1ZWiEhS8JKaIFZwP2lFCR5Ulw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nvKsn1RVd-yD2OnFh_encw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-nvKsn1RVd-yD2OnFh_encw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcEw4-mMtm8CPTxd3MQMA8A8jaA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://skitterphoto.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
44ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWCg6Tf56xbLk5alMarfZrupyt8XxVi4bZuBD9ZDVUy8leWOQct9M631aqyrVrWP7dX9aSg4I4KrPdcEyHyn3SUu-SrwAT2cIVMdSJqD6ewKg-CeUcWPhRxAGac3LPH0zXWAM8ICA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ro3m4hj7f7fFL72wGn-NlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skitterphoto.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Feb 2024 11:25:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ro3m4hj7f7fFL72wGn-NlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcEw4-mMtm8CM_Yd3MQMA6t8iwA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skitterphoto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 115F 42 B
64 B 140ms
140ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYHWlWvWQGgyZyWa07ISVIDy7_M6JWZ5hLfbHBgLbZaAzl2snGj8b4QW8iyc75GYIATk1C0b_OPULt3kqaWxGYlfwc4wPGFs3flK2O5-LA_usxE8Qeq4IZJfy47h9Q1S-V0e1vrIF_tIk&sai=AMfl-YSqzPzJOIU3U5XiJBLnP52irfp_1g-i-5WqBlWUPBWElvPuIbwmw9xRpa8VLJD-9M5hyBLaozVNpeV3D07UvNictlQJMFaSLJKqGd8tyBwT6lQvKTuGDdo8656GSLq00zg-0OPcY4IzGKlKCThL&sig=Cg0ArKJSzEmeUbES9SZHEAE&cid=CAQSTgAvHhf_Q2jp8l4DbCzBaqM-gOlTN7xSyFQYEgJ9fSTjyC3f6yL3-ZC4o7q5oCCpicQr-3MqtcE5jrKtp-Ssdpr04R4Lyyf4JTrrVxB0NhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=951,1000,1000,1000,1000&tos=951,49,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=289230400&rst=1706959504109&rpt=580&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 9D11 0
150 B 77ms
26ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=18131300063646304438266012589013&a=20dd0799&vb=v
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=18131300063646304438266012589013&a=030d7833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Feb 2024 11:25:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 115F 0
20 B 132ms
132ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1757804241461&version=m202401290101&ct=77&x=1&cor=14422140284619570000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Feb 2024 11:25:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
skitterphoto.com/	1970-01-20 18:09:26	Name: XSRF-TOKEN Value: eyJpdiI6InJoV2s1aXlGYUVmYk81d2tLa0ZIT0E9PSIsInZhbHVlIjoiaFwvNjFPOE1OaUZSTmo0QWZQZEJreGYzUUoySTJGXC9ScHBCXC8rRHJ5T2lnMnFGamJ2azhOekFWV1U2bUJQYVBRXC9CcnZwSHl4VjhJZGt3bnJzUjBPeUd3PT0iLCJtYWMiOiJmZTgwNmNhYzYwZTBkN2I3NzFmMDE5MWNiNjI2NTlmNzllNmMyZjRjYmI4YWE2MjFjYzk1NDEzNzhkMDExY2U1In0%3D
skitterphoto.com/	1970-01-20 18:09:26	Name: laravel_session Value: eyJpdiI6IlE1TTZtYm85QnFYWGxSeUdIamw1M0E9PSIsInZhbHVlIjoiV21yY0hQZlFrYWFYOTBjS1d5Nk11Q1o2OU5hRkRoR3RmNW01b1VaU1RyYzBQMEV0YWtCVGFcLzdIbnJvelJnXC9ySlZIUEVKbWVhZHB3XC9RWVZnbUxHYmc9PSIsIm1hYyI6ImExZTYxZTg5ZmQ4NDhmMjA3OTdlZDk2ZGYwYjE1NDAwMzIzMmMwMmU4N2UxNDdiN2I5ZWE3ZTMwZDYzMWJmNzgifQ%3D%3D
.skitterphoto.com/	1970-01-21 03:45:19	Name: _ga Value: GA1.2.184799987.1706959503
.skitterphoto.com/	1970-01-20 18:10:45	Name: _gid Value: GA1.2.621183173.1706959503
.skitterphoto.com/	1970-01-20 18:09:19	Name: _gat Value: 1
.skitterphoto.com/	1970-01-21 03:45:19	Name: _ga_619P63YNGX Value: GS1.2.1706959502.1.0.1706959502.60.0.0
.doubleclick.net/	1970-01-21 03:45:19	Name: IDE Value: AHWqTUmSVO_UWmkUiicfR6YWv4V_bN2h5Y10RUR_XMoELE5wTSxnRQsqVfKewJnL
.skitterphoto.com/	1970-01-21 03:30:55	Name: __gads Value: ID=116423c8df6fde54:T=1706959502:RT=1706959502:S=ALNI_MZuSuBcGIOIYh-FQ97uH3z17YFlOg
.skitterphoto.com/	1970-01-21 03:30:55	Name: __gpi Value: UID=00000d4f8b62673e:T=1706959502:RT=1706959502:S=ALNI_MYUaSzOUBKFl4ctKTqegW3vVJUhUA
.skitterphoto.com/	1970-01-20 22:28:31	Name: __eoi Value: ID=96fe54e5d9fb1f1e:T=1706959502:RT=1706959502:S=AA-AfjbUFVB0Qgm2xZSYMHOBapBl
.casalemedia.com/	1970-01-20 20:18:55	Name: CMPS Value: 5215
.doubleclick.net/	1970-01-20 18:52:31	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 02:54:55	Name: CMID Value: Zb4ikEPz3.1.TSFzwQ2vJgAA
.casalemedia.com/	1970-01-20 20:18:55	Name: CMPRO Value: 5215
.redintelligence.net/	1970-01-20 20:18:55	Name: 8lcfmzhxc8d6_uid Value: 160846f6dd0684ed
.skitterphoto.com/	1970-01-21 02:54:55	Name: FCNEC Value: %5B%5B%22AKsRol97Cz-Smg9KS0KWT1YNRG15Oqk91VJXokmbkOwknfQsR6Xj2PsgrYViDTlblZeq9mQPAByI4BtLcEnsTSDA6gzXPa6fPCr28DgSeCq7MGTOH5vstl8UfXbPxxx_HCA1ieQAN10fL2En1cCP_bjXaPvByD7L8g%3D%3D%22%5D%5D

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skitterphoto.com/photographers/83719/tktxusa1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
cdn.contentspread.net
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
pagead2.googlesyndication.com
region1.analytics.google.com
skitterphoto.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
116.202.48.214
172.217.16.130
172.217.16.134
172.64.151.101
178.162.201.225
2001:4860:4802:32::36
2a00:1450:4001:801::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
2a03:2880:f083:100:face:b00c:0:3
51.75.147.170
78.46.111.106
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1018eed8f6d7532cfa8954d5887e7a28cb5fdd201b84b2475b26f5c3891bde8c
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2bac26152f0bf917f3429ac97ff46cfe9c55b15751a99a348bac4d4839273ed0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3011e6d33e9ec97fa9fb3252bebc4d023c25a9efb8448dbefcf623fbf3cc6432
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
368f3b9477efb952f5f8c6fb6124dbfff4954531fade6b4f187996ea73516924
369355f5a3b6b152cf581eeec774a5247914f7fa115dd1fceb0dba1ef7526e8d
374f7e6606005eefafa3769082a2dd351474f9d9ac6dad6bca7fa43fdb0a9cd2
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
54298ba1510b5756a383b61b3e9deb83d3d7db06a4ee96737a6c489f18f1347d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ef683b501cbf37603edc414dc96c3668b57aaf93203995bfa943f1676ee72f3
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
706721cce9518ee5d71b0dce4a44ae81a958eb87f63870af6c53953aa284e6d1
71d1fe1f072ae11927dcc4d4617b9c3a9cd9359016d64bdeb526275685060648
75c1e220bdd4b0c138d089de77a6de9711bcf1b46fc20d18664fccffba224c45
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
7c0bc10a39191a052355a465832408b2fd38054058a5172d28bea0118be8cca5
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
898229cca3393fd5b1a0679f3a9e8d580ffb412be1a589b3a2a3a473d2a2f3ce
89c491423c07c10b468fe83f2aae3295f958d46fc4a6a09c5efc559f8fe03827
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
95f9b4430fcc285f17833c44c253e93ef936430c040033ebae69a93484c0b95b
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
ae775e8a264a0664ad0933c609f5597933fe3d9121bbfd68f88aa7115c58f108
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
bfc4cb0edb908b69b5028fdac9757854c725a49f679724209b069c5d10e8fc32
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
ca3cb0008adeec663ab595b358d327b6aa551553aab37a51c66baac199a4b47e
ca72c36303fb46cb36a1d5a28d3d0c5c9629685c57f3fde47cb853561dd0a6d7
ccbb44af712311feaf91b3e8fe133c6b3a383f9feb631280d59575cc5bae040d
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
d4da7d4a3769315bf878ccfd8ec32593cd3dad0b0d030ac1fbac33355b8b698c
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
dd6de3ad3fa25f37085126f16608ca90955af860c946391979e227ee7fc12466
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e06e25b2781de8ab68250dae2f8d3ac85fa76a7199834384f4488e4a73971866
e154d246cbf24001ca0d0b4975e6d2b557b2f574083db23a5bed206e7f490097
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e812d3de1343df34a9360657f48b80936b2351bd0b86e7431f23673132e284e3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ee60209e5bbce23b8549d3bf9ed2f3e89c85a5460aed3f4d6830071fc63f2840
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc0cb45b28f36c3eb1d8814fc8f23eec89adedba86d457e4b6c0012ec1b1c14b

skitterphoto.com Open in urlscan Pro 178.162.201.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

97 %HTTPS

68 %IPv6

14 Domains

22 Subdomains

23 IPs

4 Countries

1185 kBTransfer

3210 kBSize

16 Cookies

3 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

skitterphoto.com Open in urlscan Pro
178.162.201.225 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

97 %
HTTPS

68 %
IPv6

14
Domains

22
Subdomains

23
IPs

4
Countries

1185 kB
Transfer

3210 kB
Size

16
Cookies

86 HTTP transactions
2 data transactions