urlscan.io logo urlscan.io
SecurityTrails logo

sqworl.com Open in urlscan Pro
104.236.103.127  Public Scan

Go To Rescan Add Verdict Report
URL: http://sqworl.com/2nbsw8
Submission: On September 15 via manual from FI — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 7 countries across 24 domains to perform 79 HTTP transactions. The main IP is 104.236.103.127, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is sqworl.com.
This is the only time sqworl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.236.103.127 14061 (DIGITALOC...)
1 172.217.16.138 15169 (GOOGLE)
3 216.58.212.130 15169 (GOOGLE)
3 169.150.247.37 60068 (CDN77 ^_^)
3 104.75.88.209 16625 (AKAMAI-AS)
1 142.250.186.42 15169 (GOOGLE)
1 151.139.128.10 20446 (STACKPATH...)
1 142.250.186.99 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
1 192.229.233.25 15133 (EDGECAST)
2 216.239.34.178 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
5 172.217.16.194 15169 (GOOGLE)
3 93.184.220.66 15133 (EDGECAST)
7 151.101.1.44 54113 (FASTLY)
2 74.125.133.156 15169 (GOOGLE)
1 142.250.185.136 15169 (GOOGLE)
1 2 178.250.7.13 44788 (ASN-CRITE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 141.226.124.48 200478 (TABOOLA-AS)
2 104.244.42.72 13414 (TWITTER)
2 142.250.185.98 15169 (GOOGLE)
1 216.58.206.36 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
1 151.101.64.84 54113 (FASTLY)
3 37.157.6.233 198622 (ADFORM)
2 142.250.186.129 15169 (GOOGLE)
2 37.157.6.236 198622 (ADFORM)
1 178.63.68.35 24940 (HETZNER-AS)
1 3 159.69.70.9 24940 (HETZNER-AS)
1 2 104.64.118.247 16625 (AKAMAI-AS)
1 149.126.4.39 ()
1 85.114.131.234 24961 (MYLOC-AS ...)
79 38
9    104.236.103.127 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sqworl.com
1    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
3    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
pagead2.googlesyndication.com
3    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-37.bunnyinfra.net
cdn.iubenda.com
www.iubenda.com
3    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
assets.pinterest.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
ajax.googleapis.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    192.229.233.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pips.taboola.com
5    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
googleads.g.doubleclick.net
3    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
7    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
www.googletagmanager.com
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
www.googletagservices.com
1    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net
www.google.com
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.ch
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    151.101.64.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
3    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
tpc.googlesyndication.com
2    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    178.63.68.35 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.35.68.63.178.clients.your-server.de
tm.ad-srv.net
3    159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
ad.ad-srv.net
ad17.ad-srv.net
2    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
1    149.126.4.39 (None, )

ASN- ()
smartphoto-media.com
1    85.114.131.234 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
11 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1069
trc.taboola.com — Cisco Umbrella Rank: 626
trc-events.taboola.com — Cisco Umbrella Rank: 2183
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3496
pips.taboola.com — Cisco Umbrella Rank: 1634
226 KB
9 sqworl.com
sqworl.com
36 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
31 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4270
r.skimresources.com — Cisco Umbrella Rank: 4091
t.skimresources.com — Cisco Umbrella Rank: 4285
p.skimresources.com — Cisco Umbrella Rank: 5610
21 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1154
syndication.twitter.com — Cisco Umbrella Rank: 1386
149 KB
5 adform.net
track.adform.net — Cisco Umbrella Rank: 4312
s1.adform.net — Cisco Umbrella Rank: 10226
38 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
245 KB
4 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 99469
ad.ad-srv.net — Cisco Umbrella Rank: 47711
ad17.ad-srv.net — Cisco Umbrella Rank: 424212
7 KB
4 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3484
log.pinterest.com — Cisco Umbrella Rank: 4759
20 KB
3 iubenda.com
cdn.iubenda.com — Cisco Umbrella Rank: 13333
www.iubenda.com — Cisco Umbrella Rank: 62644
34 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18350
1 KB
2 google.ch
www.google.ch — Cisco Umbrella Rank: 25073
515 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2787
658 B
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
416 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
90 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
ajax.googleapis.com — Cisco Umbrella Rank: 419
96 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 87436
1 KB
1 smartphoto-media.com
smartphoto-media.com
23 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
57 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1183
601 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
81 KB
1 gstatic.com
fonts.gstatic.com
39 KB
0 thum.io Failed
image.thum.io Failed
79 24
Domain Requested by
9 sqworl.com sqworl.com
6 cdn.taboola.com s.skimresources.com
cdn.taboola.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
sqworl.com
4 platform.twitter.com sqworl.com
platform.twitter.com
3 track.adform.net sqworl.com
s1.adform.net
3 t.skimresources.com sqworl.com
s.skimresources.com
3 assets.pinterest.com sqworl.com
assets.pinterest.com
3 pagead2.googlesyndication.com sqworl.com
pagead2.googlesyndication.com
2 www.awin1.com 1 redirects ad.ad-srv.net
2 ad.ad-srv.net 1 redirects tm.ad-srv.net
2 s1.adform.net track.adform.net
s1.adform.net
2 tpc.googlesyndication.com sqworl.com
2 www.google.ch sqworl.com
2 syndication.twitter.com platform.twitter.com
sqworl.com
2 trc.taboola.com cdn.taboola.com
2 gum.criteo.com 1 redirects sqworl.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 p.skimresources.com sqworl.com
2 www.google-analytics.com sqworl.com
www.google-analytics.com
2 connect.facebook.net sqworl.com
connect.facebook.net
2 cdn.iubenda.com sqworl.com
cdn.iubenda.com
1 cdn.contentspread.net ad.ad-srv.net
1 ad17.ad-srv.net ad.ad-srv.net
1 smartphoto-media.com ad.ad-srv.net
1 pips.taboola.com cdn.taboola.com
1 tm.ad-srv.net sqworl.com
1 www.googletagservices.com sqworl.com
1 log.pinterest.com sqworl.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.google.com sqworl.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ch-trc-events.taboola.com sqworl.com
1 trc-events.taboola.com cdn.taboola.com
1 www.googletagmanager.com www.google-analytics.com
1 www.iubenda.com cdn.iubenda.com
1 r.skimresources.com s.skimresources.com
1 fonts.gstatic.com fonts.googleapis.com
1 s.skimresources.com sqworl.com
1 ajax.googleapis.com sqworl.com
1 fonts.googleapis.com sqworl.com
0 image.thum.io Failed sqworl.com
79 41

This site contains links to these domains. Also see Links.

Domain
mozartmoving.com
www.iubenda.com
Subject Issuer Validity Valid
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-25 -
2023-09-23		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
ad-srv.net
R3		 2023-08-17 -
2023-11-15		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
contentspread.net
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://sqworl.com/2nbsw8
Frame ID: 4261921B5B365FDCE92ECA5C2C873D5C
Requests: 57 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3612267415137016
Frame ID: 473FA5AE55C16CB11F043F444F40284F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: 9E08C6FB293591713695BCB25E912E1A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fsqworl.com
Frame ID: A4274A5F1220A21EF393BB2A238D5A4E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1694804399&rafmt=1&format=728x280&url=http%3A%2F%2Fsqworl.com%2F2nbsw8&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1694811598566&bpp=5&bdt=998&idt=665&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=6956968678787&frm=20&pv=2&ga_vid=674784162.1694811599&ga_sid=1694811599&ga_hid=1401743716&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077327%2C31077773%2C31076998%2C21065724&oid=2&pvsid=3439915672889454&tmod=1774225875&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GsxSvvqWYJ&p=http%3A//sqworl.com&dtd=683
Frame ID: 652E3850CD2BAA89417A9E6A8009CFA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1694804399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fsqworl.com%2F2nbsw8&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1694811598582&bpp=2&bdt=1014&idt=676&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=6956968678787&frm=20&pv=1&ga_vid=674784162.1694811599&ga_sid=1694811599&ga_hid=1401743716&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077327%2C31077773%2C31076998%2C21065724&oid=2&pvsid=3439915672889454&tmod=1774225875&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=684
Frame ID: 4EBFE2F486F8472C462D9D9869EAC90E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 3C9A349A3542DCDFF4D9C156AF05FF8B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9C6C86640311CF21309460C7FCEC79A8
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=54110887;rtbwp=ZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ;rtbdata=wFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ&client=ca-pub-7139769428607423&adurl=
Frame ID: 0EC1EC0CAB247105BEE00DA9D931E69F
Requests: 11 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Frame ID: BC0E52253B831EF520CF63EE85BA5DF1
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=33868800131941204452300012448017
Frame ID: 699AC2190DE476D9ECC5E749FF4C547F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sqworl | Visual Bookmarks for Educators | Sqworl

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • iubenda\.com/cookie-solution/confs/js/
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

65 %
HTTPS

0 %
IPv6

24
Domains

41
Subdomains

38
IPs

7
Countries

1217 kB
Transfer

3564 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png HTTP 307
  • https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Request Chain 10
  • http://assets.pinterest.com/js/pinit.js HTTP 307
  • https://assets.pinterest.com/js/pinit.js
Request Chain 16
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 39
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Request Chain 74
  • https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Request Chain 75
  • https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=33868800131941204452300012448017 HTTP 302
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2nbsw8
sqworl.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
6a7c5f8b3f9daa3d63aa62a0b85f85f5b39e567504e22952e21618a6a88e36b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3881
Content-Type
text/html
Date
Fri, 15 Sep 2023 20:49:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.7 (Ubuntu)
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.9-1ubuntu4.22
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Nunito:400,300,700
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
babaaa81145b4526fa24c3e7390463fb37e7ecb5b68a7239c101d12918268333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 15 Sep 2023 20:59:57 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 15 Sep 2023 20:59:57 GMT
style.css
sqworl.com/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/css/style.css?v=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2016 18:23:14 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"568b-53a0c357cf903-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4677
tipsy.css
sqworl.com/css/ 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/css/tipsy.css
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:48 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"876-50a6014fe3772-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
530
media.css
sqworl.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/css/media.css
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2017 20:16:18 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"cec-54a01739347c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
822
modernizr-2.6.2.min.js
sqworl.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/js/modernizr-2.6.2.min.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:56 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"3c36-50a60156e46f2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6246
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
cc93735a467710c092c77249a2a275efb2e3d92945524589e6431449217fd1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
53907
X-XSS-Protection
0
Server
cafe
ETag
5558014128926326977
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Fri, 15 Sep 2023 20:59:58 GMT
iubenda_cs.js
cdn.iubenda.com/cookie_solution/safemode/ 		237 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:58 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
1081
Transfer-Encoding
chunked
P3P
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
CDN-CachedAt
09/15/2023 08:39:59
CDN-PullZone
954456
Connection
keep-alive
Last-Modified
Fri, 15 Sep 2023 07:41:15 GMT
Server
BunnyCDN-DE1-1080
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
"65040a9b-d6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control
public, max-age=3600
CDN-RequestId
4b1fe8a80a435ab5eca7eb920deaa526
CDN-RequestCountryCode
CH
CDN-Status
200
CDN-RequestPullSuccess
True
sqworl_logo.png
sqworl.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sqworl.com/img/sqworl_logo.png
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Last-Modified
Fri, 19 Dec 2014 17:27:57 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"322c-50a9507a07b7b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12844
/
image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://mozartmoving.com/ 		0
0
pinit_fg_en_rect_gray_20.png
assets.pinterest.com/images/pidgets/
Redirect Chain
  • http://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
  • https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

akamai-x-true-ttl
86400
x-cdn
akamai
x-akamai-ew-subworker
8096267
etag
"8a25277cfdf72f8f916b4cdc34052149"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=82025
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
908

Redirect headers

Location
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pinit.js
assets.pinterest.com/js/
Redirect Chain
  • http://assets.pinterest.com/js/pinit.js
  • https://assets.pinterest.com/js/pinit.js
361 B
439 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=224
accept-ranges
bytes
content-length
203

Redirect headers

Location
https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 00:18:41 GMT
X-Content-Type-Options
nosniff
Age
160877
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
95786
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 13 Sep 2024 00:18:41 GMT
jquery.tipsy.js
sqworl.com/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/js/jquery.tipsy.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:55 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"263b-50a6015669632-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2712
jquery.infieldlabel.min.js
sqworl.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/js/jquery.infieldlabel.min.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/2nbsw8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:54 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"6c8-50a601558f9d2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
761
30768X884129.skimlinks.js
s.skimresources.com/js/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s.skimresources.com/js/30768X884129.skimlinks.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
22da01693f4a80c11dbf4f02d3ecc9a0f0cf9a000f7d72ff0b40e475f4fa0eec

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 14:55:38 GMT
Server
AmazonS3
x-amz-request-id
9CVEXB2XJHK9N2P2
ETag
"4bd4be92faee4cd3355615d9575e2512"
X-HW
1694811598.cds253.fr8.h2,1694811598.cds247.fr8.c
Content-Type
application/octet-stream
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19530
x-amz-id-2
1HByOTZkZE6qCmKqg1FM0I0nv5bMJqaiFI3myo9+MNIV/c8zjq51YJzJnr+P1C+0l/hPf141+UM=
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Nunito:400,300,700
Protocol
HTTP/1.1
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://sqworl.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 22:34:33 GMT
X-Content-Type-Options
nosniff
Age
80725
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
39124
X-XSS-Protection
0
Last-Modified
Thu, 14 Sep 2023 00:02:20 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 13 Sep 2024 22:34:33 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
01736cfff16702f23bf62c34b88fe672b62b0d1cd6549b35ead1916442111bd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 20:59:58 GMT
content-md5
Av3y92lTERqLonVhXD33zg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
DZKDjBX2D1vf/nXRGhVNuP0odJHijTBsr1WB9g3zPmVcoq4i+AYe31mVgR8eaU4ZRf/sdpaELQ8aFL9fUvlqYA==
x-fb-content-md5
b5d34b3aeea1a5c2e263c6f933ce394b
cross-origin-opener-policy
same-origin-allow-popups
etag
"3605dc3ea6219fae47124e808ebabb5a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 15 Sep 2023 21:19:28 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1393466737546175&version=v2.0
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:58 GMT
Content-Encoding
gzip
Age
137
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67BA)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gear-bg-24.png
sqworl.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sqworl.com/img/gear-bg-24.png
Requested by
Host: sqworl.com
URL: http://sqworl.com/css/style.css?v=1
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/css/style.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:49:18 GMT
Last-Modified
Wed, 17 Dec 2014 02:17:56 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"6c1-50a6015779d92"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1729
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 19:47:06 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4372
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Sep 2023 21:47:06 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
/
r.skimresources.com/api/ 		162 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
7bc52f1d29d9289798db7d48f3d38399dd42f31b4519100e62861c18cd23c90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 Sep 2023 20:59:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://sqworl.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame 473F 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3612267415137016
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:59:58 GMT
via
1.1 google
cache-control
private, no-store
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=1&rn=6.622528501182763
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date
Fri, 15 Sep 2023 20:59:58 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
Content-Length
43
Content-Type
image/gif
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=2&rn=6.622528501182763
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date
Fri, 15 Sep 2023 20:59:58 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
Content-Length
43
Content-Type
image/gif
page
t.skimresources.com/api/v2/ 		22 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:58 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
http://sqworl.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:58 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
http://sqworl.com
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
loader.js
cdn.taboola.com/libtrc/skimlinks-publishers/ 		149 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
HTTP/1.1
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8827a5539e532aaaa19dbcc01354ce00f2857f12fa686038d78fcadd9320d99

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DIvazJgS8CdZNryRre0WhiUkYSOvIxXs
content-encoding
gzip
Via
1.1 varnish
Date
Fri, 15 Sep 2023 20:59:58 GMT
x-amz-request-id
37N93ERJQ9SPKMMX
Age
1116
x-amz-server-side-encryption
AES256
X-Cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
11
x-amz-replication-status
FAILED
Connection
keep-alive
Content-Length
44804
x-amz-id-2
lDOwBYpZAgnuJX/aVWH69j3XNXGiJugdy3soI4Q+0izFw3lIXR6MTtjbR9qgZpD1cKJHPv0/Rho=
X-Served-By
cache-fra-eddf8230110-FRA
last-modified
Thu, 14 Sep 2023 14:16:31 UTC
Server
nginx
X-Timer
S1694811599.533117,VS0,VE1
etag
"9577773654c2f996b4708f1cde58bc8533985416"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
28
Cache-Control
private,max-age=14400
Accept-Ranges
bytes
X-Cache-Hits
1
core-fcf8c9eac36aece9d290934b54a63296.js
cdn.iubenda.com/cookie_solution/iubenda_cs/ 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Requested by
Host: cdn.iubenda.com
URL: http://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Protocol
HTTP/1.1
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:58 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
1080
Transfer-Encoding
chunked
P3P
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
CDN-CachedAt
09/15/2023 08:39:59
CDN-PullZone
954456
Connection
keep-alive
Last-Modified
Fri, 15 Sep 2023 07:41:15 GMT
Server
BunnyCDN-DE1-1080
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
"65040a9b-7e3c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control
public, max-age=31536000
CDN-RequestId
b0016529d0a0e4f1ff2e1a234920cf1c
CDN-RequestCountryCode
CH
CDN-Status
200
CDN-RequestPullSuccess
True
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
b0b5a6d2a2a37d700ff15572ded23ab6513d2499af6d9df15e80606406cb73e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131883
x-xss-protection
0
server
cafe
etag
15546069142909654304
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:59:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 9E08 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
86018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 21:06:21 GMT
etag
8554266389219770021
expires
Thu, 28 Sep 2023 21:06:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
380745.js
www.iubenda.com/cookie-solution/confs/js/ 		89 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.iubenda.com/cookie-solution/confs/js/380745.js
Requested by
Host: cdn.iubenda.com
URL: http://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Protocol
HTTP/1.1
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 18 Aug 2023 12:05:07 GMT
Date
Fri, 15 Sep 2023 20:59:58 GMT
Strict-Transport-Security
max-age=63072000
CDN-EdgeStorageId
1081
CDN-CachedAt
08/18/2023 11:05:07
CDN-PullZone
966339
Connection
keep-alive
Content-Length
89
Last-Modified
Fri, 18 Aug 2023 10:22:50 GMT
Server
BunnyCDN-DE1-1080
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
"64df467a-59"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control
public, max-age=3600
Access-Control-Allow-Credentials
true
CDN-RequestId
33628cd1ca2c72f17e7eac74be64fe11
Accept-Ranges
bytes
CDN-RequestCountryCode
CH
CDN-Status
200
CDN-RequestPullSuccess
True
sdk.js
connect.facebook.net/en_US/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=5f0d14685a7fe9f54e4f7837dd52efde
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
6d48f80c1f7a8f436a90fc5350dfcaeb822060cbfec47348f94f149b2a5f71a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://sqworl.com/
Origin
http://sqworl.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 20:59:59 GMT
content-md5
hEeRe8YMLtQ8QPBrEm/dxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88948
x-fb-debug
w3mgHT+HVtujaVRtzvIdTK0STOGSV0wmDHUyJnB7rmPoTcAtb+4ZXIdtcQDv5rtA58XcnDttMp6boN0b5tujhQ==
x-fb-content-md5
6f277628c80df3cabfc3ec66059af07a
cross-origin-opener-policy
same-origin-allow-popups
etag
"af3a4055f1688e9c150ac4286543739c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 14 Sep 2024 20:50:59 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame A427 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fsqworl.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2563537
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Sep 2023 20:59:59 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/675D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
impl.20230913-6-RELEASE.js
cdn.taboola.com/libtrc/ 		809 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230913-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0ebcb226f6a2a75fac2a800ee351cac06b0b9e403f7eeeacd7f046dfc7458af9

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
e6uIDgw.sz2e7WLY2.ud6NGdXYQAg3ZM
content-encoding
br
via
1.1 varnish
date
Fri, 15 Sep 2023 20:59:58 GMT
x-amz-request-id
H29S83P68N3W1CBX
age
13500
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171411
x-amz-id-2
DEpfsGuZB48qoPdIGT+hsn1Dqf+L4Kttw9ZQmNB/UrcV0KCY5qM9L3bxldGFylxWlG01mTIOfFs=
x-served-by
cache-fra-etou8220056-FRA
last-modified
Wed, 13 Sep 2023 09:14:33 GMT
server
AmazonS3-br
x-timer
S1694811599.711194,VS0,VE0
etag
"997f98a41a7feca4a291fdef058f4868"
vary
Accept-Encoding
content-type
application/javascript
abp
17
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
38130
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.244591685915998
Requested by
Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=288
accept-ranges
bytes
content-length
18679
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/ 		16 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1401743716&t=pageview&_s=1&dl=http%3A%2F%2Fsqworl.com%2F2nbsw8&ul=en-us&de=UTF-8&dt=Sqworl%20%7C%20Visual%20Bookmarks%20for%20Educators%20%7C%20Sqworl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=991549268&gjid=887502264&cid=674784162.1694811599&tid=UA-50855-7&_gid=1227166374.1694811599&_r=1&_slc=1&z=893254772
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
296021c91b01be4129994cf73621317625b7a80eaf234241408fa85cb5c54902
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-50855-7&cid=674784162.1694811599&jid=991549268&gjid=887502264&_gid=1227166374.1694811599&_u=IEBAAEAAAAAAACAAI~&z=998493033
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Sep 2023 20:59:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e9d5e49ce52adb7f100b82138f39468cdcae1955e620baba4929aafc2f34d5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:59:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82833
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Sep 2023 20:59:59 GMT
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:59:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
261881
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control
no-cache
content-length
0
json
trc.taboola.com/skimlinks-publishers/trc/3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/trc/3/json?tim=22%3A59%3A58.797&lti=deflated&data=%7B%22id%22%3A495%2C%22ii%22%3A%22%2F2nbsw8%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694598297290%2C%22vi%22%3A1694811598795%2C%22cv%22%3A%2220230913-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fsqworl.com%2F2nbsw8%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fsqworl.com%2F2nbsw8%22%2C%22vpi%22%3A%22%2F2nbsw8%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1210%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22SkimlinksPublisher%22%2C%22orig_uip%22%3A%22SkimlinksPublisher%22%2C%22cd%22%3A1210%2C%22mw%22%3A1600%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2nbsw8%2CSkimlinksPublisher%3Drbox-tracking%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230913-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f503a30f3de8e4d16361d34dc28ed355348a752364f51a1d94ff03bbff98a81

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
223
date
Fri, 15 Sep 2023 20:59:59 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.7485416666666667
x-fastly-to-nlb-rtt
102244
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220056-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694811599.819004,VS0,VE223
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
http://sqworl.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/skimlinks-publishers/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/skimlinks-publishers/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230913-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
http://sqworl.com
pragma
no-cache
date
Fri, 15 Sep 2023 20:59:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
distance-from-article.20230913-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230913-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e6683f38016b2a2deeecde460d3a5829fe0e7d657f00e02cb3ec247c89a36c7

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MyFFu.MN7l85oJI2uCWwynRtjJsAAPLK
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Sep 2023 20:59:59 GMT
x-amz-request-id
52DQ4CZPQ9JZA8K7
age
183023
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
xFbIJx7Ga1+ggDOGKPQwb7qucUNJkIdBzscDbE3JtFkgLalfRwLeq/fyFa6CvzVtGOp9tMrT7B4=
x-served-by
cache-fra-etou8220056-FRA
last-modified
Wed, 13 Sep 2023 18:09:36 GMT
server
AmazonS3
x-timer
S1694811599.104996,VS0,VE0
etag
"701fc3d562afff1d50de41b6cb5f29d3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
279227
article-detection.20230913-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230913-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50fbc8b93d93020dcd019b9a9c035fef70c9338216b0fd85b02e8dfd1913f63

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
l.BZiDbCuPDNBs_71FhCuCTGi9HFBfP5
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Sep 2023 20:59:59 GMT
x-amz-request-id
WM1SJE86GQS6YBCZ
age
183030
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
UsHdMYwCu/fIjWSG/FLTRakPxfV/xX+fXvsyvgcfuxoNdCK+qtpC905BPs+143JvdcO7vzoNz9U=
x-served-by
cache-fra-etou8220056-FRA
last-modified
Wed, 13 Sep 2023 18:09:29 GMT
server
AmazonS3
x-timer
S1694811599.104982,VS0,VE0
etag
"d6e803678897aedb291df97b4c46a629"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
279349
debug
ch-trc-events.taboola.com/skimlinks-publishers/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/2/debug?tim=22%3A59%3A59.091&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=4923&cv=20230913-6-RELEASE&lt=deflated&pct=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:59:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109228
settings
syndication.twitter.com/ Frame A427 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=57ee49d23cea5dfbcd32f59161d18432227edeff
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fsqworl.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
104
date
Fri, 15 Sep 2023 20:59:58 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 15 Sep 2023 20:59:59 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
bc0ab1fa2bd7ceea
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
9d63bd7dbfcbd210070d9db36b7597d3aa8b90dfe6de3dc6376643b50b1819a4
content-length
337
cookie.js
partner.googleadservices.com/gampad/ 		387 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sqworl.com&callback=_gfp_s_&client=ca-pub-7139769428607423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f3ef16cb196981a0786c0fbd4f6f9076d794b0c61cf66b14177c76541ab92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 652E 		436 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1694804399&rafmt=1&format=728x280&url=http%3A%2F%2Fsqworl.com%2F2nbsw8&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1694811598566&bpp=5&bdt=998&idt=665&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=6956968678787&frm=20&pv=2&ga_vid=674784162.1694811599&ga_sid=1694811599&ga_hid=1401743716&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077327%2C31077773%2C31076998%2C21065724&oid=2&pvsid=3439915672889454&tmod=1774225875&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GsxSvvqWYJ&p=http%3A//sqworl.com&dtd=683
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6e32c0163845e26a18e0efdb7668bd7ddb42e51cb4f0b59a6a9dbf74168e036b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 20:59:59 GMT
expires
Fri, 15 Sep 2023 20:59:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-50855-7&cid=674784162.1694811599&jid=991549268&_u=IEBAAEAAAAAAACAAI~&z=1376651962
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-50855-7&cid=674784162.1694811599&jid=991549268&_u=IEBAAEAAAAAAACAAI~&z=1376651962
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4EBF 		83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1694804399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fsqworl.com%2F2nbsw8&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1694811598582&bpp=2&bdt=1014&idt=676&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=6956968678787&frm=20&pv=1&ga_vid=674784162.1694811599&ga_sid=1694811599&ga_hid=1401743716&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077327%2C31077773%2C31076998%2C21065724&oid=2&pvsid=3439915672889454&tmod=1774225875&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=684
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
49a9e4014319420438c5918d10fa0150cefbf5fe042fd599cb5267678abc8179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
20510
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 21:00:00 GMT
expires
Fri, 15 Sep 2023 21:00:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HVD4KN0Q8F&gtm=45je39d0&_p=1401743716&_gaz=1&ul=en-us&sr=1600x1200&cid=674784162.1694811599&_eu=ABAI&_s=1&dl=http%3A%2F%2Fsqworl.com%2F2nbsw8&dt=Sqworl%20%7C%20Visual%20Bookmarks%20for%20Educators%20%7C%20Sqworl&sid=1694811599&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HVD4KN0Q8F&cid=674784162.1694811599&gtm=45je39d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HVD4KN0Q8F&cid=674784162.1694811599&gtm=45je39d0&aip=1&z=327355270
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 20:59:59 GMT
Content-Encoding
gzip
Age
2563538
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/6796)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 3C9A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2563534
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Sep 2023 20:59:59 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6796)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fsqworl.com%2F2nbsw8%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1694811599477%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=57ee49d23cea5dfbcd32f59161d18432227edeff
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
117
date
Fri, 15 Sep 2023 20:59:59 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 15 Sep 2023 20:59:59 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
3fc8095ef9bb22ce
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
9d63bd7dbfcbd210070d9db36b7597d3aa8b90dfe6de3dc6376643b50b1819a4
content-length
43
truncated
/ Frame 3C9A 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
log.pinterest.com/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=y7tJhUMxJzXv&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fsqworl.com%2F2nbsw8
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 15 Sep 2023 20:59:59 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
x-pinterest-rid
1333165959235371
content-length
0
x-served-by
cache-fra-eddf8230106-FRA
pragma
no-cache
server
envoy
x-timer
S1694811600.831689,VS0,VE30
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
4ea85336b0a5084b51c4115830555b04067ab0f8337fd9eba09113d6ae71d47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 21:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53717
x-xss-protection
0
server
cafe
etag
14427907835914180573
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 21:00:00 GMT
bulk
trc.taboola.com/skimlinks-publishers/log/3/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/log/3/bulk?tvi48=11593&tvi50=12025&route=AM%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230913-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
103
date
Fri, 15 Sep 2023 21:00:00 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
101731
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220056-FRA
pragma
no-cache
server
nginx
x-timer
S1694811600.123279,VS0,VE103
content-type
image/gif
access-control-allow-origin
http://sqworl.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame 9C6C 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
65505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 02:48:15 GMT
etag
8554266389219770021
expires
Fri, 29 Sep 2023 02:48:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 0EC1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54110887;rtbwp=ZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ;rtbdata=wFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ&client=ca-pub-7139769428607423&adurl=
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
098f8b9582676d2de3382352574afadfa4d01b8fb6dc9c4ab3dcab727c3237e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1472
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 0EC1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 17:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
11601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 17:46:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 0EC1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 18:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 18:29:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0EC1 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 21:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 21:00:00 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 0EC1 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54110887;rtbwp=ZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ;rtbdata=wFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ&client=ca-pub-7139769428607423&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 21:00:00 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
/
track.adform.net/adfserve/ Frame 0EC1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54110887;rtbwp=ZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ;rtbdata=wFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ&client=ca-pub-7139769428607423&adurl=;js=1;adfxid=1x;5469;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fsqworl.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
486b30fc2f4e4b2b5735ff65ad92c83b1ad3b0c9da4baf49726bbb3ff2ff4512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3198
expires
-1
bd4e7bcd7e.html
tm.ad-srv.net/tm/a/container/html/ Frame 0EC1 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=ca0d669b16&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=sqworl.com&eVRDB=sqworl.com&eVAI=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
178.63.68.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.35.68.63.178.clients.your-server.de
Software
nginx /
Resource Hash
4f53917c8792946fc15b80780593c57ba5edad142a07e05f5c54c1a724bf99e7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Sep 2023 21:00:01 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Expires
0
/
track.adform.net/csimpr/ Frame 0EC1 		35 B
600 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54110887&csi=xW0Wrx0FqusnVylXneE0qG-C88E7ba7oZuQ5uxhAbBTrygPkIxxfk0m5ipINGxjNO31va5C-vhUklAWXzxyRYGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Sep 2023 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230913-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Sep 2023 21:00:01 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
780
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-etou8220056-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1694811601.101668,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
2
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3481
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230913-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Sep 2023 21:00:01 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
13101
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-etou8220056-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694811601.101642,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
30
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
16718
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 0EC1 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f56bc825839f62fe7b2597768b08fa433e8ad2e02db872cface67b4821ffe034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 21:00:01 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
/
pips.taboola.com/ 		4 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230086-FRA
date
Fri, 15 Sep 2023 21:00:01 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
http://sqworl.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
request.php
ad.ad-srv.net/ Frame BC0E
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doublecl...
  • https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doublecl...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Requested by
Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=ca0d669b16&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=sqworl.com&eVRDB=sqworl.com&eVAI=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
415a5274495c4ef914787bc45cdec504b7b6570667b25517532823754b05f02e

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1582
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Sep 2023 21:00:01 GMT
Expires
Fri, 15 Sep 2023 22:00:01 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
33868800131941204452300012448017

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Sep 2023 21:00:01 GMT
Expires
Fri, 15 Sep 2023 22:00:01 +0200
Location
request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
nc-general-1-de-120x600-px.jpg
smartphoto-media.com/banner/campaign/ Frame BC0E
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=33868800131941204452300012448017
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
H2
Server
149.126.4.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecea1f330b15f16b635fb2e00c30ecdaad22f2e20106d1ed8edb2a27dd598e3b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 21:00:03 GMT
strict-transport-security
max-age=3600
last-modified
Fri, 03 Jun 2022 09:04:52 GMT
etag
"5c90-6299ceb4-9620a81bb48b25ea;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
23696
expires
Fri, 22 Sep 2023 21:00:03 GMT

Redirect headers

Date
Fri, 15 Sep 2023 21:00:02 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
viewability
ad17.ad-srv.net/ Frame BC0E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad17.ad-srv.net/viewability?s=33868800131941204452300012448017&a=fd37866f&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 21:00:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame 699A 		43 B
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=33868800131941204452300012448017
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Sep 2023 21:00:02 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame BC0E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame BC0E 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=27ehwom8mjk5&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230913%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7139769428607423%26fa%3D4%26ifi%3D3%26uci%3Da!3%26xpc%3D7wnmJEiyHc%26p%3Dhttp%253A%2F%2Fsqworl.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fsqworl.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:sqworl.com&extVar[]=AF_DOM_RTB:sqworl.com&subid=5825308226331308465&rnd=81398&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoSEVz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE5AFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05D2ZtSz5-yRyIBfXYogPOMsx2fi2-rRczTanf3SogAcRjbUMni_1maWX6ABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2XyJaGenLpCxH_PkDnIYtgxiz9ZQ%26client%3Dca-pub-7139769428607423%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110887%3Bcrtbwp%3DZQTFzwAF1B4D59z9AA7kAkAceRuCWiun1o7WYQ%3Bcrtbdata%3DwFGzcNbe6Geg1tCGMwu4FA6XoXid68U6x6Y50J-pc6WN5mspk34ZJ_Q3DyFEAUP2ezqg1wNTqmHSKhwG3nq0dVnVXjT8zWyS7UUM0UFKXOp4QM3-aKQ3LdhcinOG8BJJIUzXFzg4uJUdzuLcFSodxUpbioUF0W-EL0jSnk0otj7WaUjPx3SqVw2%3Badfibeg%3D0%3Bcdata%3DKfkklFmBlNq8ax9L-LnSQmuUznoTveDy3X3n1hPrS7DP-N21YjwCqMSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_ttS2aOTQIUpTzOGsjYO3wLwR8fLYRuRgvSUGUCVnvM5TE4_sQZGQgqA2%3B%3BCREFURL%3Dhttp%253a%252f%252fsqworl.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 21:00:02 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
truncated
/ Frame 0EC1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
032d8e29ef0c61d0229bf88699073aaf96f48eae479bdca331e2738a21e40c40

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 0EC1 		0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7LVhz8UEZZ6oF_25n88Pgsi7mAWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqQIPMdCZPDGDPqgDAcgDAqoE4QFP0EC9sJYIgzbi0z972SGngDUxMBD1YY8a2TcIU7Sr1PgXsOzaeOkqUtmdGoiTEjDBoG1pPTv0pdPF-Mz5hr1BKlAjZp5RXzo7jjQXEX5RtNpnLh30EMfHVLKj1cugY7MuiOHCKpF4raoDKGURnI8xjfIsWQt6h0dRf9sY8Lmjat6luMWt-5MRQWHlt_BhciFSQkKY_HoBU0sNNfjzCcqVz-eaEVv1F9--NmrQu5xE2JTpb-crnzcVh05Dm5lzXVU7wVa5-zmzfLUTZwuLgcyha9Qg55Ox1Va1bzTDmGV8i-GABvDW7v6bkJajWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzEzOTc2OTQyODYwNzQyMxgA&sigh=NT8eEVr_sNU&uach_m=[UACH]&cid=CAQSGwBpAlJWVTz5b2iO_t8wAig2v8gyfP-EI_Io4xgB&cbvp=2&vis=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/2nbsw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Sep 2023 21:00:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Sep 2023 21:00:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image.thum.io
URL
https://image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://mozartmoving.com/

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| html5 object| Modernizr function| yepnope object| _iub object| adsbygoogle function| $ function| jQuery string| groupID function| openall string| GoogleAnalyticsObject function| ga function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| _taboola object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter number| PIN_19615 object| FB object| __twttrll object| twttr object| __twttr object| TRC function| _typeof object| _tblConsole undefined| msg object| PIN_1694811598705 string| value object| key object| PinUtils object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| placementData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag object| __buffer object| google_llp function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

15 Cookies

Domain/Path Name / Value
sqworl.com/ Name: PHPSESSID
Value: roq3mbi1g1cos4vime9gaanf00
.sqworl.com/ Name: _ga
Value: GA1.2.674784162.1694811599
.sqworl.com/ Name: _gid
Value: GA1.2.1227166374.1694811599
.sqworl.com/ Name: _gat
Value: 1
sqworl.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dd53f08cd-e845-48d4-8440-eb0f9b43644b-tuctbfe4b4e
.sqworl.com/ Name: _ga_HVD4KN0Q8F
Value: GS1.2.1694811599.1.0.1694811599.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sqworl.com/ Name: __gads
Value: ID=2a5497a0a7df5471-2238a06a77de0069:T=1694811599:RT=1694811599:S=ALNI_MZ_K1OG1uOr2ut5-NR5nEEuk-vC7Q
.sqworl.com/ Name: __gpi
Value: UID=00000c762c85cbd4:T=1694811599:RT=1694811599:S=ALNI_MY1amsQ7YtE1_E_rhP3xSArjDvc-w
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5028307626339533712
.adform.net/ Name: TPC
Value: 1694811600923
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: 48dbe13bc3310cb5
.awin1.com/ Name: awpv15168
Value: 783431|1694811602|d6aafbc0-540a-11ee-b5a9-2261897cac57
.awin1.com/ Name: AWSESS
Value: 361106:2965113

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad17.ad-srv.net
ajax.googleapis.com
assets.pinterest.com
cdn.contentspread.net
cdn.iubenda.com
cdn.taboola.com
ch-trc-events.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
image.thum.io
log.pinterest.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
platform.twitter.com
r.skimresources.com
region1.analytics.google.com
s.skimresources.com
s1.adform.net
smartphoto-media.com
sqworl.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
tm.ad-srv.net
tpc.googlesyndication.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
www.awin1.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.iubenda.com
image.thum.io
104.236.103.127
104.244.42.72
104.64.118.247
104.75.88.209
141.226.124.48
141.226.228.48
142.250.185.136
142.250.185.98
142.250.186.129
142.250.186.35
142.250.186.42
142.250.186.99
149.126.4.39
151.101.1.44
151.101.129.44
151.101.64.84
151.139.128.10
157.240.252.13
159.69.70.9
169.150.247.37
172.217.16.138
172.217.16.194
178.250.7.13
178.63.68.35
192.229.233.25
216.239.34.178
216.239.34.36
216.58.206.36
216.58.212.130
35.190.59.101
35.190.91.160
35.201.67.47
37.157.6.233
37.157.6.236
74.125.133.156
85.114.131.234
93.184.220.66
01736cfff16702f23bf62c34b88fe672b62b0d1cd6549b35ead1916442111bd9
032d8e29ef0c61d0229bf88699073aaf96f48eae479bdca331e2738a21e40c40
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a
06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765
0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
098f8b9582676d2de3382352574afadfa4d01b8fb6dc9c4ab3dcab727c3237e5
0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0
0ebcb226f6a2a75fac2a800ee351cac06b0b9e403f7eeeacd7f046dfc7458af9
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1f503a30f3de8e4d16361d34dc28ed355348a752364f51a1d94ff03bbff98a81
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
22da01693f4a80c11dbf4f02d3ecc9a0f0cf9a000f7d72ff0b40e475f4fa0eec
296021c91b01be4129994cf73621317625b7a80eaf234241408fa85cb5c54902
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
415a5274495c4ef914787bc45cdec504b7b6570667b25517532823754b05f02e
46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f
486b30fc2f4e4b2b5735ff65ad92c83b1ad3b0c9da4baf49726bbb3ff2ff4512
49a9e4014319420438c5918d10fa0150cefbf5fe042fd599cb5267678abc8179
4ea85336b0a5084b51c4115830555b04067ab0f8337fd9eba09113d6ae71d47b
4f53917c8792946fc15b80780593c57ba5edad142a07e05f5c54c1a724bf99e7
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952
6a7c5f8b3f9daa3d63aa62a0b85f85f5b39e567504e22952e21618a6a88e36b4
6d48f80c1f7a8f436a90fc5350dfcaeb822060cbfec47348f94f149b2a5f71a7
6e32c0163845e26a18e0efdb7668bd7ddb42e51cb4f0b59a6a9dbf74168e036b
7bc52f1d29d9289798db7d48f3d38399dd42f31b4519100e62861c18cd23c90b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
9e6683f38016b2a2deeecde460d3a5829fe0e7d657f00e02cb3ec247c89a36c7
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a6f3ef16cb196981a0786c0fbd4f6f9076d794b0c61cf66b14177c76541ab92b
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0b5a6d2a2a37d700ff15572ded23ab6513d2499af6d9df15e80606406cb73e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
babaaa81145b4526fa24c3e7390463fb37e7ecb5b68a7239c101d12918268333
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c50fbc8b93d93020dcd019b9a9c035fef70c9338216b0fd85b02e8dfd1913f63
c8827a5539e532aaaa19dbcc01354ce00f2857f12fa686038d78fcadd9320d99
cc93735a467710c092c77249a2a275efb2e3d92945524589e6431449217fd1eb
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d5e49ce52adb7f100b82138f39468cdcae1955e620baba4929aafc2f34d5b5
ecea1f330b15f16b635fb2e00c30ecdaad22f2e20106d1ed8edb2a27dd598e3b
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56bc825839f62fe7b2597768b08fa433e8ad2e02db872cface67b4821ffe034
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf