tomroeser.com Open in urlscan Pro
172.67.184.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tomroeser.com/
Effective URL:
https://tomroeser.com/
Submission: On May 14 via api (May 14th 2024, 2:58:04 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 43 HTTP transactions. The main IP is 172.67.184.219, located in United States and belongs to CLOUDFLARENET, US. The main domain is tomroeser.com.
TLS certificate: Issued by E1 on May 2nd 2024. Valid for: 3 months.

This is the only time tomroeser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	172.67.184.219 172.67.184.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	172.67.71.57 172.67.71.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.8.141 172.67.8.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
43	14

12 172.67.184.219 (United States)

ASN13335 (CLOUDFLARENET, US)

tomroeser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	264 KB
12	tomroeser.com tomroeser.com	1 MB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	104 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	186 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	252 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 17157	215 B
1	waust.at waust.at — Cisco Umbrella Rank: 40895	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	24 KB
43	11

	Domain	Requested by
12	tomroeser.com	tomroeser.com
9	pagead2.googlesyndication.com	tomroeser.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com tomroeser.com
3	securepubads.g.doubleclick.net	tomroeser.com securepubads.g.doubleclick.net
1	9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	whos.amung.us	waust.at
1	waust.at	tomroeser.com
1	www.googletagmanager.com	tomroeser.com
1	ajax.googleapis.com	tomroeser.com
1	cdnjs.cloudflare.com	tomroeser.com
1	code.jquery.com	tomroeser.com
43	13

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
generatepress.com

Subject Issuer	Validity	Valid
tomroeser.com E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
waust.at GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
amung.us GTS CA 1P5	`2024-05-09` - `2024-08-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://tomroeser.com/
Frame ID: 9DCCF4EFBA059A0B2CF8BAA3C0FF20B1
Requests: 30 HTTP requests in this frame

Frame: https://9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 81A42E46A3CEA6DD61147D61792E6792
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html
Frame ID: 9474B5F35245772D9F17402C9E7029D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4984848321149724&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715655479&plat=1%3A64%2C2%3A64%2C8%3A4194368%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Ftomroeser.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715655479530&bpp=2&bdt=241&idt=145&shv=r20240509&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=284722267799&frm=20&pv=2&ga_vid=1119753646.1715655480&ga_sid=1715655480&ga_hid=183072566&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083437%2C31083636%2C95331982%2C31083611%2C95331711%2C95332403%2C95332415&oid=2&pvsid=896119944310955&tmod=1631422410&uas=0&nvt=1&fsapi=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=174
Frame ID: 8FDC5E2AA12D59837867B563F10D0760
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D0F339C841C764737D4FE68A2E4C6872
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs
Frame ID: 09659917104E7B42B21126ADAEFA0124
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tom Roeser – Aguario marinho dicas

Page URL History Show full URLs

http://tomroeser.com/ HTTP 307
https://tomroeser.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

43
Requests

93 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1798 kB
Transfer

3497 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/20qdpe8bbg/
Title: 625

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tomroeser.com/ HTTP 307
https://tomroeser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
tomroeser.com/
Redirect Chain

http://tomroeser.com/
https://tomroeser.com/

154 KB
42 KB

137ms
98ms

Document
text/html

172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195b2979c4db32680e5f9bac637b23a2811131feef20696b5457e4d0182f5c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88379fb8f8a89b52-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 02:57:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://tomroeser.com/index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQ3J9ST3bCdVO0zo%2FbwcJN9jI%2FVTEaMoyB%2BPHFwsgDoioHj69h0jThwSTIhCxMJuJnFWxA%2FU7XFQdlz8biFFKFMhdvIT3utZ5EtWbDeckRXg4xF%2FCQss9sE1N%2BYKrx6%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
version: MS24041201
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

Location: https://tomroeser.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 70ms
19ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: tomroeser.com
URL: https://tomroeser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Origin: https://tomroeser.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 20853275
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-etou8220066-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715655479.351628,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 97950

GET
H3 200 aes.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 13 KB
5 KB 56ms
29ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 442481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4256
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3430"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bk1KtL2ulUaTKLWIpdgodE3d8iPoR0gpMVU979pXi0jJZi7Sw%2FfItPOwqXkA2hZzlIxXjPC31MMN%2FbW3%2BO6UDbDT399cFR16jUMTrmtw8%2BK1x7DDeqF4yXpYTs1jiWyql2n625Zu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88379fb9c984911f-FRA
expires: Sun, 04 May 2025 02:57:59 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 84ms
36ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

87f8361626a1816a484cf60ba2f356512f09fab7ab2293819c18b5e28c1a66b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30366
x-xss-protection: 0
server: cafe
etag: 508 / 19857 / 31083530 / config-hash: 1814271900439722489
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 May 2024 02:57:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 May 2025 20:27:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 91ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SSY0Q3XBF5

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76eaf44fc0e18959f06f5edc943d7cf030f87083df9fdbed29ac808aaa7c5fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 02:57:59 GMT

GET
H3 200 style.min.css
tomroeser.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 33ms
32ms Stylesheet
text/css 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 10 May 2025 13:28:35 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307764
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 15:33:45 GMT
server: cloudflare
etag: W/"6633b259-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiS8EbZ3mrEW2sYreBSTJ4oBqq6B6csUMuXZRD0b%2FNhhMdkh9crROIsic3t8M08hBdkf7IjhJfQvAovUMqhV25%2Fg3ElyFQ0vRiiLkQvBMAE3vBrKiJG0drRNAL26cCXK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88379fb9a8e89b52-FRA
version: MS24041201

GET
H3 200 main.min.css
tomroeser.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 31ms
29ms Stylesheet
text/css 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 07 May 2025 22:16:11 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535309
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 20:09:48 GMT
server: cloudflare
etag: W/"6633f30c-4c6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dy4BUZ%2B%2F7MnjpSfkfpiHfLuXxfRFpEu1opVcGZjdSa44LImITKSJuJLBXltBoowMsQSIaKXd3ayk6TnnV9YIPMR5BFX7IkUf22dpQ34M72G%2FChsThwU0hZyAfCdfWhGH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88379fb9a8e99b52-FRA
version: MS24041201

GET
H3 200 jquery.min.js Show response
tomroeser.com/wp-includes/js/jquery/ 86 KB
31 KB 64ms
63ms Script
application/javascript 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 02:57:59 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 15:33:45 GMT
server: cloudflare
etag: W/"6633b259-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NH8n1W6n8YdQlmjp0bj%2FCsCUEJaGAInv4hDbLJgX5Q64k6wTyk0YEa2LdES8lyex0TadO0MeaeXxET2%2FpIL%2BkV9Klll7D%2BxXdGnZN8eZxemic8xJsL2roiCpnuVMe81d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 88379fb9a8ea9b52-FRA
version: MS24041201

GET
H3 200 jquery-migrate.min.js Show response
tomroeser.com/wp-includes/js/jquery/ 13 KB
5 KB 30ms
30ms Script
application/javascript 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 09 May 2025 14:58:00 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 388799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 15:33:45 GMT
server: cloudflare
etag: W/"6633b259-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDdITDElGKMhqMYBd4Yn3Sy8N70%2FCBSeMSUW%2FUgUi57cVRkE1uHuVyfAK%2FZNSqFqmoZxflMg3HhP%2FkirGTMCdfG7qHYEfLf5jv9CgQeFpbokGHjBrk4g7yFHCGe9N7TL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 88379fb9a8eb9b52-FRA
version: MS24041201

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 85ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4984848321149724

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b71027ad46fa135df1691df928d896470e2210f059841f73748c07d73af30abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Origin: https://tomroeser.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52409
x-xss-protection: 0
server: cafe
etag: 9199378079982359447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 14 May 2024 02:57:59 GMT

GET
H3 200 fta20221130455.jpg
tomroeser.com/wp-content/uploads/2024/05/ 175 KB
176 KB 47ms
47ms Image
image/jpeg 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tomroeser.com/wp-content/uploads/2024/05/fta20221130455.jpg

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de54341ef037e5887b1264a3488214ce98f8bf2c492be6b9e4f57eda211e7d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 12 May 2025 14:48:25 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130175
alt-svc: h3=":443"; ma=86400
content-length: 179416
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 May 2024 10:34:21 GMT
server: cloudflare
etag: "663df82d-2bcd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTsXMGZ6LqWwGIU%2FX2%2BLunq91LFEL1sEwthrTLYX8ie587qt%2BTADl4NlhrSJRW5D9H7aWekdDqTsGsaW4sEwpVwo6rKNOgKUadHND4Ls3ABNjU43JvNI2rKEW3juGqWH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88379fb9a8ed9b52-FRA
version: MS24041201

GET
H3 200 xique-xique.jpg
tomroeser.com/wp-content/uploads/2024/05/ 505 KB
506 KB 82ms
81ms Image
image/jpeg 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tomroeser.com/wp-content/uploads/2024/05/xique-xique.jpg

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1550ea32ca8b2ba0c4030af71a8302db5ea7d34629c89b983a266cd96016d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 02:57:59 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 517201
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 May 2024 09:33:10 GMT
server: cloudflare
etag: "663de9d6-7e451"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otgZurKtrhTKfJt0V7GSFJBsx0%2FAHbLj6JelXDeU3j5hKwRMFp5s3FnK2oK7Un77mnsFDwzNH1D%2Fa0H%2BFTnMDfpRhzjl8ADU65YC0MJYkn7UZeeuthaUSDR%2Bt8z0cMVI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88379fb9a8ef9b52-FRA
version: MS24041201

GET
H3 200 0.-sug-abertura.jpg
tomroeser.com/wp-content/uploads/2024/05/ 284 KB
285 KB 107ms
106ms Image
image/jpeg 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tomroeser.com/wp-content/uploads/2024/05/0.-sug-abertura.jpg

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b110cfe58a41868c830ad087a2dbd9c9f3b700e509b08c6c768fbc4ee0f438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 02:57:59 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 290970
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 May 2024 08:32:12 GMT
server: cloudflare
etag: "663ddb8c-4709a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkKkIWz7R0UgrPCo5hBy51hIddV6wKgn%2F8kjj6VwA5UKzfW6u6EFEjHX9VcYMOaen2ILcXDRb0C85gZhUr8E3qftbhPaDdafOwUOvzXwYmOpN14ffMnCN1uBdLpx%2F3Uw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88379fb9a8f09b52-FRA
version: MS24041201

GET
H3 200 email-decode.min.js Show response
tomroeser.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 21ms
20ms Script
application/javascript 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663b4689-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mLyjKB18xqUCmBvHJ2oaUWZJitn56wxXpm0gAy18fA6pAPgZZtBaN8EjfS2Bmn8ARXilBSfeWNuEwmWeW6qAr7deVivr4LUp5x0YhZzdJ25V0RXPKKeNfgDiVrvJcP%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 88379fba596f9b52-FRA
expires: Thu, 16 May 2024 02:57:59 GMT

GET
H3 200 d.js Show response
waust.at/ 14 KB
7 KB 75ms
32ms Script
application/x-javascript 172.67.71.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: tomroeser.com
URL: https://tomroeser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
server: cloudflare
etag: W/"63c0411e-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1Kv9%2Bs6f6N4zE6EO%2FggkwddW7Ts1WhkVmyo3smef%2BM1VOE5%2F7C1UVY8ElPvKy6UUe%2FCCexf%2BvGrfU2bvSATJwfFC%2BUmHN3TUu%2FgDgtsjOKiXBBm8om5WqCC"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 88379fba9826361d-FRA
expires: Wed, 15 May 2024 02:53:22 GMT

GET
H3 200 menu.min.js Show response
tomroeser.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 30ms
27ms Script
application/javascript 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 06 May 2025 21:18:08 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625191
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 20:09:48 GMT
server: cloudflare
etag: W/"6633f30c-1b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DpWp9eTxF0QxhE1vNU8IYcKnrshEjH7YmVL9FLKx8pa%2F0xbwIPqJkMB59eeY0cVqGuIMV2GWOAKavvR5dTTr7gj%2Bk1XOKWKK3EQVB8aOKgXi2JrgmjyuqXnvGFCncinM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 88379fba59719b52-FRA
version: MS24041201

GET
BLOB 200
OK 4eb583ba-77df-471e-bb8d-670c25ee2f02
https://tomroeser.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tomroeser.com/4eb583ba-77df-471e-bb8d-670c25ee2f02
Requested by: Host: tomroeser.com
URL: https://tomroeser.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 wp-emoji-release.min.js Show response
tomroeser.com/wp-includes/js/ 18 KB
5 KB 44ms
44ms Script
application/javascript 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 14 May 2025 02:57:59 GMT
date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 15:33:45 GMT
server: cloudflare
etag: W/"6633b259-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xPuEtdUaIViEs6jj%2FQtzX9MtIUsf9BsxvWF0ddRt9beBd7Ipvg%2B6pYYyfMtmZyNNMxdurHl7328TbFZZtl3a2Rd%2Bn0Tea3xN6e1qTIeRYX9fDfhBXeW%2FeL%2FRO7BrA4S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 88379fbaa9909b52-FRA
version: MS24041201

GET
H3 200 / Show response
whos.amung.us/pingjs/ 30 B
215 B 170ms
137ms Script
text/javascript 172.67.8.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=20qdpe8bbg&t=Tom%20Roeser%20%E2%80%93%20Aguario%20marinho%20dicas&c=d&x=https%3A%2F%2Ftomroeser.com%2F&y=&a=0&v=27&r=9442
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aac1834b0232e4b942486a83cf069f5d35901d6b58b86d8d812e6137bb58c65d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88379fbb28fe65db-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/ 453 KB
142 KB 21ms
21ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

84d39219097d5843cfbeb6d6f0efd56a801a083ed76c64cd6d210b282051e2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 14:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43944
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144939
x-xss-protection: 0
server: cafe
etag: 1759730024324250755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 May 2025 14:45:35 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/ 416 KB
140 KB 91ms
52ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4984848321149724&plah=tomroeser.com&aplac=true&bust=31083611

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4984848321149724

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ca7995d112226d29be51e8b03eae0dea52804e0371a6f4bd9b5ff9089e89781c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143783
x-xss-protection: 0
server: cafe
etag: 3512641219930819629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 May 2024 02:57:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 75ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SSY0Q3XBF5&gtm=45je45d0v9184710997za200&_p=1715655479391&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1119753646.1715655480&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715655479&sct=1&seg=0&dl=https%3A%2F%2Ftomroeser.com%2F&dt=Tom%20Roeser%20%E2%80%93%20Aguario%20marinho%20dicas&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=434
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSY0Q3XBF5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 02:57:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tomroeser.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 47 KB
12 KB 403ms
402ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=896119944310955&correlator=3550826264408989&eid=31083341%2C31083354%2C31083585%2C31083362%2C31083530&output=ldjh&gdfp_req=1&vrg=202405080101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22106840220%3A23080250276%2Ctomroeser.com%2Ctomroeser.com_m_BOTTOM_ANCHOR_01032024&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&didk=1031423124&sfv=1-0-40&fas=1&sc=1&abxe=1&dt=1715655479612&lmt=1715655479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Ftomroeser.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&dlt=1715655479289&idt=300&cust_params=id_post_wp%3D2887&adks=1090562370&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

39719ce771fc342c23edec610398bf79aae15810bf26f42f575ebcd5a0cd05e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11902
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tomroeser.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 81A4 0
0 92ms
27ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tomroeser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 May 2024 02:57:59 GMT
expires: Wed, 14 May 2025 02:57:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/ 47 KB
15 KB 21ms
20ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl_page_level_ads.js?cb=31083530

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

0c49525a1a9278db15e66f3eae2839444c670ff295f793b8fa72b53efea33bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 10:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60992
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15075
x-xss-protection: 0
server: cafe
etag: 9083288197580068312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 May 2025 10:01:27 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/ Frame 9474 0
0 62ms
21ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240509/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4984848321149724&plah=tomroeser.com&aplac=true&bust=31083611

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tomroeser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 39939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 May 2024 15:52:20 GMT
etag: 5035419970550746386
expires: Mon, 27 May 2024 15:52:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 8FDC 0
0 74ms
46ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4984848321149724&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715655479&plat=1%3A64%2C2%3A64%2C8%3A4194368%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Ftomroeser.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715655479530&bpp=2&bdt=241&idt=145&shv=r20240509&mjsv=m202405130101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=284722267799&frm=20&pv=2&ga_vid=1119753646.1715655480&ga_sid=1715655480&ga_hid=183072566&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083437%2C31083636%2C95331982%2C31083611%2C95331711%2C95332403%2C95332415&oid=2&pvsid=896119944310955&tmod=1631422410&uas=0&nvt=1&fsapi=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tomroeser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 May 2024 02:57:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 39ms
39ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

dc2b1ad4d4703dfa67bf759a6d362adf54e36c216a10f99371d4ddacea961585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12546
x-xss-protection: 0

GET
H3 404 favicon.ico
tomroeser.com/ 3 KB
2 KB 46ms
45ms Other
text/html 172.67.184.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomroeser.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.184.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6OPMatZn%2BXeIohfr1ySq8pmab4XXnJvhuoMcjLn32I5kpxYZJlgdb4%2BUV%2BzD00uB%2FerSv0T0EC3Pwn89iePCHwiCZHAW6vsiiUQ1I8a4PmOy3yvLTEw2zgJOXzUSZl0"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 88379fbcba839b52-FRA
alt-svc: h3=":443"; ma=86400
version: MS24041201

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 109ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 02:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 May 2024 02:57:59 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D0F3 0
0 65ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tomroeser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 49747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 May 2024 13:08:53 GMT
expires: Tue, 13 May 2025 13:08:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405022220000/ Frame 0965 196 KB
56 KB 115ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a1cab0d16be9936d6722638fb8e5a8f0cc9e020b024fe042178f36c0e96bf9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:21 GMT
age: 35259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56100
x-xss-protection: 0
server: sffe
etag: "193bd302c45422e7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 0965 15 KB
5 KB 154ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd3a0419bb57c685bef172fc325325894762b903abad517aa47b2273304342f3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:21 GMT
age: 35259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5205
x-xss-protection: 0
server: sffe
etag: "210802518b12a93a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:21 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 0965 95 KB
28 KB 143ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912331d6e7d06cf8470caaebe35ba2bcd335000ac00a68e53bce292195067b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:21 GMT
age: 35259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29022
x-xss-protection: 0
server: sffe
etag: "0e3c5d295c30e73a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:21 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 0965 5 KB
2 KB 150ms
55ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6960d6e86ca7620309992930e6a90bdfd76443e523d80097de2d030b8247cc69

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:21 GMT
age: 35259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "ec1752382ab3b3ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:21 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405022220000/v0/ Frame 0965 40 KB
13 KB 151ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744d25ee650f5edeb1fadfaec9593f3c2393b00ec59363b4d634a90715041c6a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 May 2024 17:10:21 GMT
age: 35259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12943
x-xss-protection: 0
server: sffe
etag: "664530f02d87cb50"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 May 2025 17:10:21 GMT

GET
H2 200 10769561194949899247
tpc.googlesyndication.com/simgad/ Frame 0965 38 KB
39 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10769561194949899247?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlE46QM1gGVHC85J0Q4TbZfsU9SSQ

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40fa61391bf431b047b6570b4cb477ed67a0c7abf914a1f4d5432676397d9cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 19:12:42 GMT
x-content-type-options: nosniff
age: 546318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39409
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 23:44:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 May 2025 19:12:42 GMT

GET
H3 200 pt.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 0965 3 KB
3 KB 20ms
19ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 11:20:47 GMT
x-content-type-options: nosniff
server: cafe
age: 56233
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Tue, 14 May 2024 11:20:47 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 0965 344 B
368 B 22ms
21ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: tomroeser.com
URL: https://tomroeser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 15:48:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40176
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 14 May 2024 15:48:24 GMT

GET
DATA 200
OK truncated
/ Frame 0965 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e476561f06c6fc6b04f09bbf5fdb18e2f9a17aae818dbf59f3041e3a35a7495c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET adview
pagead2.googlesyndication.com/pagead/ Frame 0965 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0965 42 B
65 B 54ms
54ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3wIzUcJMmVTq5HZZPWS8Sy0U5KOes1TE4iCU7jA64TitHEw3sISEUNHwpiOy7ev4Xz7ONSQzqoJ-DYNoAauX7SkjgUUFXC4A-HuQepEx-dd0aXaMyBtdkJ49C_WmRQgOboJbpjPbK8cn0ycA4QRXeoEPS7dF7dlVyKtHYzho&sig=Cg0ArKJSzNqKf04vHDETEAE&id=ampim&o=298,1189&d=1005,124&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=213&tls=1443&g=55.645161867141724&h=100&tt=1443&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.201&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tomroeser.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 02:58:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CzcjZN9NCZp3oJ9j41PIP64KfsAL124vfd9H-k6jbEtnZHhABIKKfq35glbKVgqQHoAH0v_3yKMgBAuACAKgDAcgDCKoEngJP0E8Nrjd7sTdQKfY0NIhBc2CL2Ec4IOZRuoOm001_kzQe8UnGliPrqI5vnOO3rFLwjXk29RLfXIsZ10PjYdAPm1g-MsIzKs4AGW1Mz0OMBys8rI3ScQkTlkShwVWmZ0sTb_uuGcQhefyGDPlYf3wwP_Gx24kiXjYpfDumzQW5Vg9SW3TnDEvwRmzw4g1N5LQDPnd-5RG786CHUU_yFUtTpY5NODntzhbUtMPcI18psTE4X-SUXm3ZI5BtIM4C4m3sIDTRZcHFbCUD3n5Q-NouvBAoLbK7L7QzaNL-MNv8VLzVB91459CPBoVOZEK6Pq767ROQN6B3jDb9rZAw6g6ab4pNLiZbOEcecUn-UBuvPGZTglgB0nSFjFTT610awATMgNbi3ATgBAGIBaXX_olPkgUECAQYAZIFBAgFGASgBgKAB_T3zdIDqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQ6r8M0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WJXtrtuSjIYDmgliaHR0cHM6Ly9zdG9yZS5wbGF5c3RhdGlvbi5jb20vY29uY2VwdC8xMDAwODg4NC8_dXRtX3NvdXJjZT14YSZ1dG1fbWVkaXVtPVBST0cmdXRtX2NhbXBhaWduPURFUFNHRE6ACgPICwHiDRMI-Jqv25KMhgMVWDxVCB1rwQcm2BMK0BUBmBYBgBcBshceChwIABIUcHViLTQxNjIyODA5MTQ0ODgzOTAY0K14shgJEgKwUxgCIgEA&sigh=2zKypin1UFk&uach_m=%5B%5D&ase=2&nis=5&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405080101&jk=896119944310955&bg=!rK-lr-DNAAbZcyKb-XM7ADQBe5WfOLYZYxuoS-0sIHcrgf9CsxRexoJFTUTKhPHW1rBHRRajfeCuzhvruUM8fsQnrEG3AgAAADhSAAAAAmgBB34ANrC7RYArFA1zDqj3-UOeuWnXkiwTB-5PBtPA6PmKYoyCDXFl6RY5q3aQ-y0IOSgMtjf-D4zKigoAfh92t0QbR_04C7A8bwdTXQNRmnjZlK3aVISI70Z9PApQcB5k0iXoJAWl8FmpRk9qeQijQ3pgpwqbADuK1NWydLRfdh0no7WNW9SkVU4TuaZrvlkwEOSdsa62v4i_OytVaETJ1On5wa1HUOTG-fE3RnEmHPtKWILWFiLuukazmJkCl_5xLeXt_Z_u54KvLDA_HhRV6NOlZ59OUxGDsVgmJTArdI47ugn9vTlyTYxTHRw8xS1lxdimVW3B_S1tKQKsutOfPA0ArQlqQ8aI_Ih-Z9tO_DBDO8P2-VNn6AGaICAVSPN58wWYipLyaN23J4P_AlUyyDCqnruNRyOu5uYf9jFJvLoP9rtzXE9cq5-kUrOUUBJWMmw-hcciuED5Ep8d2b12nCJYkCZoz2nPOB_Awv8bFXLdnpThrm_LE-kPK3uetoQus8Cn5-egwLl0GffaORwOjuWipVOu-PMnIj2gtjliNVdT1LZBf1vFrwYs-rTaWkvYWDNLk143mBgQaqirxzRSTjAWf0xNv87RSVbT0yvHu62QQxR_NPT2XjlMhElAYlaqzVRLaKf9oLoqckx6aGTbw72Gjvl4PgI2q5tN3QuClLfKH40Q7m1z-J7fENksZOthGLM8CrPDTVys4-jd8hyYZS6n1xoMdnLCQaoYIR2q1B8nYgNLSSjvsESOoBc1bZfOPLkwf7UJIWe_yjX6awKnkpDEqh1Bx2SHFgrwu-hKkah0MMM1J6EG2Oo0wXUd3fWml3mxma8Chn4auxxpXGWH5jh2mGAklnDWawo83AG_M0n-uUTodvhhJpbdGTpM2Au2Xuot0jCoOwiSJGaj-FWrubqXIkdLVSqmx4Sm3gfsq5syhfXctYr5YTwbFA7MseBMuBXKF60hrQKdfTSUQqqElnEQ1VqI6tLxnBBM4Cokrqmpu8niN50mYSXAfWrxnq8KBpPXuuTtSlRgwmCAcJr8mwGXojYuVnxoXobS-bFQ--srbu7TEQ25hUjjoEMxgLqvb9HvNVs4jvaQFJr9dk1o9wO0rwomrL10UY9irqO7W9O6IRTuSg

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tomroeser.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: vhd8tksrpgk0gj8200203h7h0l
.tomroeser.com/	1970-01-21 06:10:15	Name: _ga_SSY0Q3XBF5 Value: GS1.1.1715655479.1.0.1715655479.0.0.0
.tomroeser.com/	1970-01-21 06:10:15	Name: _ga Value: GA1.1.1119753646.1715655480
.tomroeser.com/	1970-01-21 00:53:27	Name: __eoi Value: ID=c2efdfec3b8951fd:T=1715655479:RT=1715655479:S=AA-AfjYQj9aybdzrMm8GegFhrZ4R

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tomroeser.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9e63a8d89428041b20c9a1bfbdbbfc78.safeframe.googlesyndication.com
ajax.googleapis.com
cdn.ampproject.org
cdnjs.cloudflare.com
code.jquery.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tomroeser.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.25.14
142.250.185.130
172.217.18.98
172.67.184.219
172.67.71.57
172.67.8.141
2001:4860:4802:32::36
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a04:4e42:600::649
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0c49525a1a9278db15e66f3eae2839444c670ff295f793b8fa72b53efea33bca
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
195b2979c4db32680e5f9bac637b23a2811131feef20696b5457e4d0182f5c0e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
39719ce771fc342c23edec610398bf79aae15810bf26f42f575ebcd5a0cd05e3
40fa61391bf431b047b6570b4cb477ed67a0c7abf914a1f4d5432676397d9cbc
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5a1cab0d16be9936d6722638fb8e5a8f0cc9e020b024fe042178f36c0e96bf9c
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6960d6e86ca7620309992930e6a90bdfd76443e523d80097de2d030b8247cc69
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
744d25ee650f5edeb1fadfaec9593f3c2393b00ec59363b4d634a90715041c6a
76eaf44fc0e18959f06f5edc943d7cf030f87083df9fdbed29ac808aaa7c5fca
84d39219097d5843cfbeb6d6f0efd56a801a083ed76c64cd6d210b282051e2a5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87f8361626a1816a484cf60ba2f356512f09fab7ab2293819c18b5e28c1a66b1
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
aac1834b0232e4b942486a83cf069f5d35901d6b58b86d8d812e6137bb58c65d
b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac
b71027ad46fa135df1691df928d896470e2210f059841f73748c07d73af30abf
c912331d6e7d06cf8470caaebe35ba2bcd335000ac00a68e53bce292195067b0
ca7995d112226d29be51e8b03eae0dea52804e0371a6f4bd9b5ff9089e89781c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
dc2b1ad4d4703dfa67bf759a6d362adf54e36c216a10f99371d4ddacea961585
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de54341ef037e5887b1264a3488214ce98f8bf2c492be6b9e4f57eda211e7d03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e476561f06c6fc6b04f09bbf5fdb18e2f9a17aae818dbf59f3041e3a35a7495c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1550ea32ca8b2ba0c4030af71a8302db5ea7d34629c89b983a266cd96016d87
f1b110cfe58a41868c830ad087a2dbd9c9f3b700e509b08c6c768fbc4ee0f438
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
fd3a0419bb57c685bef172fc325325894762b903abad517aa47b2273304342f3

tomroeser.com Open in urlscan Pro 172.67.184.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

54 %IPv6

11 Domains

13 Subdomains

14 IPs

3 Countries

1798 kBTransfer

3497 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tomroeser.com Open in urlscan Pro
172.67.184.219 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1798 kB
Transfer

3497 kB
Size

4
Cookies

43 HTTP transactions
2 data transactions