www.sqworl.com Open in urlscan Pro
104.236.103.127 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sqworl.com/u6bgb8
Submission: On March 21 via manual (March 21st 2023, 9:01:59 am UTC) from IN — Scanned from DE

Summary HTTP 98 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 29 domains to perform 98 HTTP transactions. The main IP is 104.236.103.127, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.sqworl.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 4th 2022. Valid for: a year.

This is the only time www.sqworl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	104.236.103.127 104.236.103.127	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2400:52e0:1e0... 2400:52e0:1e00::1076:1	200325 (BUNNYCDN) (BUNNYCDN)
1	13.32.99.112 13.32.99.112	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::863:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1	104.79.88.164 104.79.88.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	35.176.246.96 35.176.246.96	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	169.150.247.34 169.150.247.34	60068 (CDN77 ^_^) (CDN77 ^_^)
2	13.41.33.70 13.41.33.70	16509 (AMAZON-02) (AMAZON-02)
98	44

9 104.236.103.127 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.sqworl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1076:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-112.fra60.r.cloudfront.net

image.thum.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::863:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.246.96 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-246-96.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.247.34 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-34.datapacket.com

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.41.33.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	262 KB
9	sqworl.com www.sqworl.com	37 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 32214 hal900022.redintelligence.net — Cisco Umbrella Rank: 327276	80 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 213139	30 KB
8	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 9323 www.iubenda.com — Cisco Umbrella Rank: 10469 hits-i.iubenda.com — Cisco Umbrella Rank: 10785	41 KB
7	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 3496 r.skimresources.com — Cisco Umbrella Rank: 3347 t.skimresources.com — Cisco Umbrella Rank: 3516 p.skimresources.com — Cisco Umbrella Rank: 4548	21 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 771 syndication.twitter.com — Cisco Umbrella Rank: 1148	149 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4194 pixel.mathtag.com — Cisco Umbrella Rank: 975	3 KB
4	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2597 log.pinterest.com — Cisco Umbrella Rank: 3711	20 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18328 api.webgains.io — Cisco Umbrella Rank: 46334	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 44542 medialead.de — Cisco Umbrella Rank: 44208	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8720 www.google.de — Cisco Umbrella Rank: 6069	1 KB
3	gstatic.com fonts.gstatic.com	61 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 305	35 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 98095	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	88 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	41 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43375	438 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 89227	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 36521	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 139497	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 107238	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44237	629 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	601 B
1	thum.io image.thum.io — Cisco Umbrella Rank: 256745	9 KB
98	29

	Domain	Requested by
9	www.sqworl.com	www.sqworl.com
7	pagead2.googlesyndication.com	www.sqworl.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	www.sqworl.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	cdn.iubenda.com	www.sqworl.com cdn.iubenda.com
4	hal900022.redintelligence.net	hal9000.redintelligence.net hal900022.redintelligence.net
4	hal9000.redintelligence.net	www.sqworl.com hal900022.redintelligence.net
4	platform.twitter.com	www.sqworl.com platform.twitter.com
3	tags.mathtag.com	www.sqworl.com tags.mathtag.com
3	adservice.google.com	pagead2.googlesyndication.com 8019191.fls.doubleclick.net
3	t.skimresources.com	www.sqworl.com s.skimresources.com
3	fonts.gstatic.com	fonts.googleapis.com
3	assets.pinterest.com	www.sqworl.com assets.pinterest.com
2	api.webgains.io	analytics.webgains.io
2	hits-i.iubenda.com	cdn.iubenda.com
2	8019191.fls.doubleclick.net	1 redirects www.sqworl.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	www.google.com	www.sqworl.com tpc.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com www.sqworl.com
2	p.skimresources.com	www.sqworl.com
2	www.google-analytics.com	www.sqworl.com www.google-analytics.com
2	connect.facebook.net	www.sqworl.com connect.facebook.net
2	fonts.googleapis.com	www.sqworl.com hal900022.redintelligence.net
1	www.facebook.com	connect.facebook.net
1	www.googletagmanager.com	adv.office-partner.de
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	www.sqworl.com
1	futalis.de	hal900022.redintelligence.net
1	adv.office-partner.de	hal900022.redintelligence.net
1	pb.media01.eu	hal900022.redintelligence.net
1	log.pinterest.com	www.sqworl.com
1	pixel.mathtag.com	tags.mathtag.com
1	www.googletagservices.com	www.sqworl.com
1	www.google.de	www.sqworl.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.iubenda.com	cdn.iubenda.com
1	r.skimresources.com	s.skimresources.com
1	s.skimresources.com	www.sqworl.com
1	ajax.googleapis.com	www.sqworl.com
1	image.thum.io	www.sqworl.com
98	46

This site contains links to these domains. Also see Links.

Domain
sqworl.com
remoteaccounting247.com
www.iubenda.com

Subject Issuer	Validity	Valid
sqworl.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-04` - `2023-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-23`	a year	crt.sh
thum.io Amazon RSA 2048 M01	`2023-02-24` - `2023-11-05`	8 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-28`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.futalis.de R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.sqworl.com/u6bgb8
Frame ID: F726B54B6E73C0245E37AC6D85ED9B07
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: AC4243F9F20E30E7DF2765B2ECCFAFBB
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5624406858518352
Frame ID: B5BD3C2383ADC5FB7903D1C59249AD99
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.sqworl.com
Frame ID: 271C59761E59A51966D3A3A63CF0C25E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1679389314&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679389314759&bpp=4&bdt=498&idt=157&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&correlator=5431244003856&frm=20&pv=2&ga_vid=836797699.1679389315&ga_sid=1679389315&ga_hid=2002938793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44777876%2C31073099%2C44786919&oid=2&pvsid=3016811810561939&tmod=1725226950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=viF3BsuE6F&p=https%3A//www.sqworl.com&dtd=176
Frame ID: 43B6C6ACDBB8DD16A85F3A688928D041
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1679389314&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679389314819&bpp=2&bdt=558&idt=127&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=5431244003856&frm=20&pv=1&ga_vid=836797699.1679389315&ga_sid=1679389315&ga_hid=2002938793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44777876%2C31073099%2C44786919&oid=2&pvsid=3016811810561939&tmod=1725226950&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=135
Frame ID: 2A5ECA7574E5E7F6DFFAA866D549E7F8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: C9964A58A42D115733EDF1DD8ECEFFA6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9FBE325E4B062B5D7A3A4938C3BBDAEF
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDQyODkyOTI3NDE3NjA4MDQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1elRzU3N2SUxQMDdRUTZPb0VqZlAwZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQ0Mjg5MjkyNzQxNzYwODA0L3pyaC8wLzIwOS80MS85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3OTM4OTMxNS8xNjc5NDAxOTE1LzQvcHViLTcxMzk3Njk0Mjg2MDc0MjMv/4aKVnBgA5p0uzunyWQIzl0NOgLs&nodeid=3806&group=zrh&auctionid=2944289292741760804&pbs_auctionid=2944289292741760804&shardkey=2944289292741760804&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%26client%3Dca-pub-7139769428607423%26adurl%3D
Frame ID: D2817B40F23771B4F93AB57089ECD1B7
Requests: 16 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=82425200046285300951395012270022&actionid=981741&produktid=&dt_url=
Frame ID: 80BF250D5D0119FBA5D65694497FD008
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F4A6E41C970E3DE81D9EC7D8F24B198A
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2464388578
Frame ID: 666E06569CCA771AA09B4E7A26EE2760
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358
Frame ID: FE8C8674E29E8F1CC93887D30684136A
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Frame ID: FD9404888BB5B69C12A6007715C892B3
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=1393466737546175&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a8827e6e44f4%26domain%3Dwww.sqworl.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sqworl.com%252Ff12e97c9e79ca24%26relation%3Dparent.parent&container_width=115&href=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
Frame ID: AE595CFA22F833F8DB33A81C171694E9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iubenda.com/cookie_solution/iframe_bridge.html?origin=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&meth=%22compact%22
Frame ID: C34BFA1DCED44E628FA921A6293B94EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB9C4DECE6629E06832C024478C6C619
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2130097E4EB8472CC87810E5E4D7209F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What Is Sage 50 | Sqworl

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

99 %
HTTPS

49 %
IPv6

29
Domains

46
Subdomains

44
IPs

8
Countries

993 kB
Transfer

2588 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://sqworl.com/u6bgb8?e=1

Search URL Search Domain Scan URL

URL: https://remoteaccounting247.com/what-is-sage-50/

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/380745
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/380745/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/380745/cookie-policy?an=no&s_ck=false
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=82425200046285300951395012270022&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=82425200046285300951395012270022&actionid=981741&produktid=&dt_url=

Request Chain 64

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=82425200046285300951395012270022&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2464388578

Request Chain 66

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358

Request Chain 68

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=82425200046285300951395012270022 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=82425200046285300951395012270022 HTTP 302
https://ad-server.eu/wm/pb/native.png

98 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request u6bgb8 Show response
www.sqworl.com/ 15 KB
5 KB 441ms
106ms Document
text/html 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: 8a52051afa1099dbe0bb5ed6e66e71099a0413099695fda89ee7c5ad944c96ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4921
Content-Type: text/html
Date: Tue, 21 Mar 2023 08:53:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.9-1ubuntu4.22

GET
H2 200 css
fonts.googleapis.com/ 5 KB
981 B 129ms
34ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,300,700

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 08:38:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H/1.1 200
OK style.css
www.sqworl.com/css/ 22 KB
5 KB 103ms
102ms Stylesheet
text/css 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/css/style.css?v=1
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Aug 2016 18:23:14 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "568b-53a0c357cf903-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4677

GET
H/1.1 200
OK tipsy.css
www.sqworl.com/css/ 2 KB
864 B 206ms
103ms Stylesheet
text/css 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/css/tipsy.css
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:48 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "876-50a6014fe3772-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 530

GET
H/1.1 200
OK media.css
www.sqworl.com/css/ 3 KB
1 KB 310ms
103ms Stylesheet
text/css 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/css/media.css
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Mar 2017 20:16:18 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "cec-54a01739347c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 822

GET
H/1.1 200
OK modernizr-2.6.2.min.js Show response
www.sqworl.com/js/ 15 KB
6 KB 312ms
104ms Script
application/javascript 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/js/modernizr-2.6.2.min.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:56 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "3c36-50a60156e46f2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6246

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 122ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d70cd6bf70d7df8161878125a6713ef3319161e0442718e859e987f49faf6569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48682
x-xss-protection: 0
server: cafe
etag: 2970052588107524477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cookie_solution/safemode/ 237 B
652 B 146ms
41ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: br
cdn-edgestorageid: 874
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/21/2023 08:56:06
cdn-pullzone: 954456
last-modified: Tue, 21 Mar 2023 08:01:20 GMT
server: BunnyCDN-DE1-1076
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "64196450-86"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: 162cfec5b480baa3749c621b3978b156
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK sqworl_logo.png
www.sqworl.com/img/ 13 KB
13 KB 107ms
106ms Image
image/png 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sqworl.com/img/sqworl_logo.png
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:59 GMT
Last-Modified: Fri, 19 Dec 2014 17:27:57 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "322c-50a9507a07b7b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12844

GET
H2 200 /
image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://remoteaccounting247.com/what-is-sage-50/ 9 KB
9 KB 310ms
223ms Image
image/jpeg 13.32.99.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://remoteaccounting247.com/what-is-sage-50/
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-112.fra60.r.cloudfront.net
Software: /
Resource Hash: ff94c6a4ce3b98851ce25e69f6967e4e4d405fb5c9628690b495ce05a61b3d57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
content-disposition: inline; filename= "remoteaccounting247.com.jpg"
thum_status_code: 200
x-amz-cf-id: JxPH5GLzAF0pWVnQrX9nD67Vc7UKth1laK31qxZqJ2M_24kPVrZ-8g==
expires: Wed, 22 Mar 2023 09:01:54 GMT

GET
H2 200 pinit_fg_en_rect_gray_20.png
assets.pinterest.com/images/pidgets/ 908 B
1 KB 119ms
23ms Image
image/png 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
x-cdn: fastly
etag: "8a25277cfdf72f8f916b4cdc34052149"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Origin
cache-control: max-age=86400
alt-svc: h3=":443";ma=600
content-length: 908

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
323 B 120ms
23ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 203

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:24:28 GMT

GET
H/1.1 200
OK jquery.tipsy.js Show response
www.sqworl.com/js/ 10 KB
3 KB 107ms
107ms Script
application/javascript 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/js/jquery.tipsy.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:55 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "263b-50a6015669632-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2712

GET
H/1.1 200
OK jquery.infieldlabel.min.js Show response
www.sqworl.com/js/ 2 KB
1 KB 104ms
103ms Script
application/javascript 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sqworl.com/js/jquery.infieldlabel.min.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/u6bgb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 02:17:54 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "6c8-50a601558f9d2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 761

GET
H2 200 30768X884129.skimlinks.js Show response
s.skimresources.com/js/ 51 KB
19 KB 167ms
27ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/30768X884129.skimlinks.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 35dafcef9dc680a5dc966be72beae1f1ae35706ea566f1d91467a8aae59def19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:41:56 GMT
server: AmazonS3
x-amz-request-id: GNGZ0D6JC5BEE7NW
etag: "e77453998cc02aa49255591042f65ea0"
x-hw: 1679389314.cds158.fr8.hn,1679389314.cds247.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 19505
x-amz-id-2: NdpGtx3zy0nDYHhTCBaVGJhblqcazfaNVIrGbyLHNSnyPKqnZsbTa+xkJtRynoG40mUp4XPGTj8=

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sqworl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 1453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:41 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 75ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adbe649b8667355ada38be96acbd5bebb1c3eb4847c45e6c5ebfb19b3e245785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 09:01:54 GMT
content-md5: xuqQuXnn9ZZKIUodIwitMA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: SJexw7MQ94x3hsUFSl7uSi4HeBEkRpWwZB4f7ysTjiOtysUa/OQKBFOoAXRt+Kp7iWbsJQ0F0Xv276VYMpAAZg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 23e6225899286beeb904d3552db82290
cross-origin-opener-policy: same-origin-allow-popups
etag: "238161a7e429e89abeca8df02b397fa9"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 21 Mar 2023 09:14:28 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 99ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:54 GMT
Content-Encoding: gzip
Age: 845
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67D3)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK gear-bg-24.png
www.sqworl.com/img/ 2 KB
2 KB 107ms
106ms Image
image/png 104.236.103.127
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sqworl.com/img/gear-bg-24.png
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/css/style.css?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:53:59 GMT
Last-Modified: Wed, 17 Dec 2014 02:17:56 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "6c1-50a6015779d92"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1729

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 08:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2301
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Mar 2023 10:23:33 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 23ms
22ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.6999319149609293
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 18679

GET
H2 200 core-fcf8c9eac36aece9d290934b54a63296.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/ 97 KB
28 KB 58ms
58ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: br
cdn-edgestorageid: 863
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/21/2023 08:56:06
cdn-pullzone: 954456
last-modified: Tue, 21 Mar 2023 08:01:20 GMT
server: BunnyCDN-DE1-1076
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "64196450-6e33"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=31536000
cdn-requestid: 8b72ea8d98371c554d3bc14399c760cc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/ 350 KB
117 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7139769428607423&plah=www.sqworl.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84129e33b6d85b4b4cb4fe5eb9f7214358ff4ea5ecc14bcfc28984cedb7747fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119458
x-xss-protection: 0
server: cafe
etag: 17855381054685625308
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame AC42 10 KB
5 KB 83ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 17:49:44 GMT
etag: 2378337311435320485
expires: Mon, 03 Apr 2023 17:49:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 45ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7619769052272612fe69db310772ded7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3eeb355a38045f82f663d0241390e2eaef8ad6caf85c84bcfab5115489df7c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sqworl.com/
Origin: https://www.sqworl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 09:01:54 GMT
content-md5: J6Phrg01w3C/Tims8rA5nQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87126
x-fb-rlafr: 0
x-fb-debug: H+kDBvtLXagBBUII+mcEfQsGuLE75fqXj+rfnz+AkgcQdiIg0+pidFbghganJNC2dCywYNCW6pptZBW8+TUhKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8bb60080f3868d4fb380c13abe7656a4
cross-origin-opener-policy: same-origin-allow-popups
etag: "78020a467fc9ee4064ec20ce6f70040f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 20 Mar 2024 08:37:02 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 162 B
379 B 105ms
32ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/30768X884129.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

a45f341401d3246833429fc2f0a54fcea96cb88d2876d04b63443bac493603ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sqworl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sqworl.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame B5BD 0
134 B 95ms
30ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5624406858518352
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 129ms
30ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=5.764271155708842
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Tue, 21 Mar 2023 09:01:54 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 130ms
31ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=5.764271155708842
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Tue, 21 Mar 2023 09:01:54 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 271C 320 KB
104 KB 22ms
21ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.sqworl.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 475748
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Mar 2023 09:01:54 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 30ms
29ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2002938793&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&ul=en-us&de=UTF-8&dt=What%20Is%20Sage%2050%20%7C%20Sqworl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2080654892&gjid=586856531&cid=836797699.1679389315&tid=UA-50855-7&_gid=329754831.1679389315&_r=1&_slc=1&z=1897235394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sqworl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 09:01:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sqworl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 380745.js Show response
www.iubenda.com/cookie-solution/confs/js/ 89 B
763 B 455ms
330ms Script
application/javascript 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iubenda.com/cookie-solution/confs/js/380745.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-863 /

Resource Hash

06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:55 GMT
access-control-request-method: *
strict-transport-security: max-age=63072000
cdn-edgestorageid: 863
cdn-cachedat: 03/15/2023 18:45:13
cdn-pullzone: 966339
content-length: 89
last-modified: Wed, 15 Mar 2023 17:38:57 GMT
server: BunnyCDN-DE1-863
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "641202b1-59"
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
access-control-allow-credentials: true
cdn-requestid: b97f5ce2a3d2689ce2d3f11db53c0bb9
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 93ms
30ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50855-7&cid=836797699.1679389315&jid=2080654892&gjid=586856531&_gid=329754831.1679389315&_u=IEBAAEAAAAAAACAAI~&z=1253634344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sqworl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 09:01:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sqworl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 271C 663 B
604 B 188ms
135ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4a8d02de6a931d9d83cb3d7876020cd4ae1c4c7c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.sqworl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 113
date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 21 Mar 2023 09:01:55 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 88640adc2eefa296
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 9fa601a4dcf909cddbba7da4844d67bcfdc2e42d182e7d50617a82c50b38f113
content-length: 284

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 94ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sqworl.com&callback=_gfp_s_&client=ca-pub-7139769428607423

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7139769428607423&plah=www.sqworl.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b88a8f69240ae4498d78726c961c0e46c6a66a19ec12b40df0007c6ef9cef12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 85ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sqworl.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 86ms
32ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sqworl.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43B6 436 B
383 B 372ms
371ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1679389314&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679389314759&bpp=4&bdt=498&idt=157&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&correlator=5431244003856&frm=20&pv=2&ga_vid=836797699.1679389315&ga_sid=1679389315&ga_hid=2002938793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44777876%2C31073099%2C44786919&oid=2&pvsid=3016811810561939&tmod=1725226950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=viF3BsuE6F&p=https%3A//www.sqworl.com&dtd=176

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

350346679b9fafee9cba1338e2b81b7d56ad48138e15c264595d9789a0c282f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 09:01:55 GMT
expires: Tue, 21 Mar 2023 09:01:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A5E 62 KB
19 KB 263ms
261ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1679389314&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679389314819&bpp=2&bdt=558&idt=127&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=5431244003856&frm=20&pv=1&ga_vid=836797699.1679389315&ga_sid=1679389315&ga_hid=2002938793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44777876%2C31073099%2C44786919&oid=2&pvsid=3016811810561939&tmod=1725226950&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=135

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10939f5698793d96f80d925866832dfb1838cc8b28818f9ba1ebddb0a4d1f7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 09:01:55 GMT
expires: Tue, 21 Mar 2023 09:01:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
340 B 84ms
83ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/30768X884129.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sqworl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 09:01:55 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.4
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.sqworl.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
114 B 85ms
84ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/30768X884129.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sqworl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 09:01:55 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.4
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.sqworl.com
warning: 299 - "Deprecated API"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 101ms
46ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50855-7&cid=836797699.1679389315&jid=2080654892&_u=IEBAAEAAAAAAACAAI~&z=1994760508

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 09:01:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 106ms
49ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-50855-7&cid=836797699.1679389315&jid=2080654892&_u=IEBAAEAAAAAAACAAI~&z=1994760508

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 09:01:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 21ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:55 GMT
Content-Encoding: gzip
Age: 475749
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/67D3)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame C996 37 KB
14 KB 23ms
22ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 475748
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Mar 2023 09:01:55 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 128ms
127ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1679389315117%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=4a8d02de6a931d9d83cb3d7876020cd4ae1c4c7c

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 21 Mar 2023 09:01:54 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 21 Mar 2023 09:01:55 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 39c290a467a47910
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 9fa601a4dcf909cddbba7da4844d67bcfdc2e42d182e7d50617a82c50b38f113
content-length: 43

GET
DATA 200
OK truncated
/ Frame C996 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/ 149 KB
51 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea17e7c45034eda2cc5afffd81ad98b80b655bb4566e24e1659488b1b5c17ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52115
x-xss-protection: 0
server: cafe
etag: 7271196395118181723
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 09:01:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 34ms
33ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sqworl.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sqworl.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 9FBE 10 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 23:43:37 GMT
etag: 2378337311435320485
expires: Mon, 03 Apr 2023 23:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame D281 3 KB
2 KB 155ms
28ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDQyODkyOTI3NDE3NjA4MDQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1elRzU3N2SUxQMDdRUTZPb0VqZlAwZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQ0Mjg5MjkyNzQxNzYwODA0L3pyaC8wLzIwOS80MS85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3OTM4OTMxNS8xNjc5NDAxOTE1LzQvcHViLTcxMzk3Njk0Mjg2MDc0MjMv/4aKVnBgA5p0uzunyWQIzl0NOgLs&nodeid=3806&group=zrh&auctionid=2944289292741760804&pbs_auctionid=2944289292741760804&shardkey=2944289292741760804&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%26client%3Dca-pub-7139769428607423%26adurl%3D
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.382.0 /
Resource Hash: 5d18b38d81b22c753c9748ea7247bbe4b80ffb80f524bea9cbfd42870e838d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:55 GMT
x-mm-nodeid: 3806
Content-Encoding: gzip
x-mm-bid-request-time: 1679389315
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Tue, 21 Mar 2023 09:01:55 GMT
Server: MMBD/3.382.0
x-mm-latency: 1 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x81, zrh-bidder-x68
x-mm-lag: 0
Expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D281 3 KB
1 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 17:30:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D281 20 KB
9 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 17:30:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D281 158 KB
49 KB 96ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 09:01:55 GMT

GET
H/1.1 200
OK k2vt83281pvm Show response
hal9000.redintelligence.net/zone/ Frame D281 10 KB
3 KB 95ms
27ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=2944289292741760804&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: afea2b94e09a213d82b76e15eafb67e7f7c4f31be2a5129afea4773143a0f53e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3307
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame D281 49 B
329 B 81ms
28ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2944289292741760804&node_id=3806&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDQyODkyOTI3NDE3NjA4MDQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1elRzU3N2SUxQMDdRUTZPb0VqZlAwZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQ0Mjg5MjkyNzQxNzYwODA0L3pyaC8wLzIwOS80MS85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3OTM4OTMxNS8xNjc5NDAxOTE1LzQvcHViLTcxMzk3Njk0Mjg2MDc0MjMv/4aKVnBgA5p0uzunyWQIzl0NOgLs&nodeid=3806&group=zrh&auctionid=2944289292741760804&pbs_auctionid=2944289292741760804&shardkey=2944289292741760804&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%26client%3Dca-pub-7139769428607423%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.382.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:55 GMT
Server: MMBD/3.382.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x74, zrh-bidder-x68
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame D281 43 B
415 B 236ms
35ms Image
image/gif 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2944289292741760804&v3=651871&v4=4562306&v5=6622324&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDQyODkyOTI3NDE3NjA4MDQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1elRzU3N2SUxQMDdRUTZPb0VqZlAwZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQ0Mjg5MjkyNzQxNzYwODA0L3pyaC8wLzIwOS80MS85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3OTM4OTMxNS8xNjc5NDAxOTE1LzQvcHViLTcxMzk3Njk0Mjg2MDc0MjMv/4aKVnBgA5p0uzunyWQIzl0NOgLs&nodeid=3806&group=zrh&auctionid=2944289292741760804&pbs_auctionid=2944289292741760804&shardkey=2944289292741760804&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%26client%3Dca-pub-7139769428607423%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master zrh-pixel-x9 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:55 GMT
Server: MT3 622 a74c1f2 master zrh-pixel-x9 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame D281 49 B
329 B 82ms
28ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2944289292741760804&st=4562306&time=1679389315&nodeid=3806
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDQyODkyOTI3NDE3NjA4MDQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1elRzU3N2SUxQMDdRUTZPb0VqZlAwZy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQ0Mjg5MjkyNzQxNzYwODA0L3pyaC8wLzIwOS80MS85OTkvMzIyLzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3OTM4OTMxNS8xNjc5NDAxOTE1LzQvcHViLTcxMzk3Njk0Mjg2MDc0MjMv/4aKVnBgA5p0uzunyWQIzl0NOgLs&nodeid=3806&group=zrh&auctionid=2944289292741760804&pbs_auctionid=2944289292741760804&shardkey=2944289292741760804&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%26client%3Dca-pub-7139769428607423%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.382.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:55 GMT
Server: MMBD/3.382.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x65, zrh-bidder-x68
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 21 Mar 2023 09:01:54 GMT

GET
H/1.1 200
OK request.php Show response
hal900022.redintelligence.net/ Frame D281 4 KB
2 KB 163ms
90ms Script
application/x-javascript 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=2ca3639370&subid=&uid=925a02e5b1afffc9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230315%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=8302271969337&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=2944289292741760804&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7bb0b3492c6eaaed0318722da2a2172b0d58bdc3030d4d5fb9c08f488c481f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Mar 2023 09:01:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 82425200046285300951395012270022
Connection: close
Content-Length: 1305
Expires: Tue, 21 Mar 2023 09:01:55 +0100

GET
H2 200 /
log.pinterest.com/ 0
338 B 117ms
53ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=xr6Di5DpkWc6&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 21 Mar 2023 09:01:55 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1693479105912523
content-length: 0
x-served-by: cache-hhn-etou8220063-HHN
pragma: no-cache
server: envoy
x-timer: S1679389316.854726,VS0,VE30
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 80BF
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=82425200046285300951395012270022&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=82425200046285300951395012270022&actionid=981741&produktid=&dt_url=

0
629 B

111ms
43ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=82425200046285300951395012270022&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=2ca3639370&subid=&uid=925a02e5b1afffc9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230315%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=8302271969337&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 09:01:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 21 Mar 2023 10:01:56 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Tue, 21 Mar 2023 09:01:56 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=82425200046285300951395012270022&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA1B:9412_91EFC182:01BB_64197283_118D4B73:2FD2E

GET
H2 200 / Show response
adv.office-partner.de/ Frame F4A6 930 B
931 B 250ms
29ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=2ca3639370&subid=&uid=925a02e5b1afffc9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230315%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=8302271969337&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 21 Mar 2023 09:01:56 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 28 Mar 2023 09:01:56 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 666E
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=82425200046285300951395012270022&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2464388578

350 B
401 B

88ms
26ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2464388578
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=2ca3639370&subid=&uid=925a02e5b1afffc9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230315%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=8302271969337&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 21 Mar 2023 09:01:55 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2464388578
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame D281 2 KB
2 KB 195ms
93ms Script
text/html 35.176.246.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=82425200046285300951395012270022&nw=1
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.246.96 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-246-96.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f6771520100c9487bff2e9119cbf0696bc5124bdeb36b44b9ec4d961e0703905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
last-modified: Tue, 21 Mar 2023 09:01:56 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 21 Mar 2023 09:02:56 GMT

GET
H2

200

activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358 Show response
8019191.fls.doubleclick.net/ Frame FE8C
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358?

391 B
558 B

67ms
66ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358?

Requested by

Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

04eaccf15b5b378cfbd8700ae8611233345c82663bd45a9be514e8fd58757ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 09:01:56 GMT
expires: Tue, 21 Mar 2023 09:01:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 09:01:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame FD94 7 KB
2 KB 84ms
29ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=2ca3639370&subid=&uid=925a02e5b1afffc9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DnmDbGqe1IxPBJCEK0m8Wxw%26exch_seat%3D20035004448%26mt_aid%3D2944289292741760804%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_cid%3D332f6419-7283-4801-9c3e-a517619e0486%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTwLBgnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLMBT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXhxAAssff_Y2HcHC9qkB6A_hQUz4Mi22-7SqdGz5bRTqMIR273oFMueOABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vgerzoZrM-FoSkJMIucypKGjx1g%2526client%253Dca-pub-7139769428607423%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230315%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=8302271969337&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 2eb3d72ff66133386810efe6675f74eb17506191241e21f59f497e898b8b0145

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2036
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Mar 2023 09:01:55 GMT
Expires: Tue, 21 Mar 2023 09:01:55 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame D281
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=82425200046285300951395012270022
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=82425200046285300951395012270022
https://ad-server.eu/wm/pb/native.png

68 B
312 B

238ms
44ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:04:26 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Tue, 21 Mar 2023 09:01:56 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA1B:955E_91EFC182:01BB_64197284_118DAB11:2FD2B
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 css
fonts.googleapis.com/ Frame FD94 4 KB
747 B 32ms
30ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Mar 2023 09:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 07:14:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Mar 2023 09:01:55 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame FD94 27 KB
27 KB 88ms
31ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: b6c1931a438cf3506c7c2c8c341e7241d4f523d71d3bafdff60001b8ea780254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27173
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame FD94 25 KB
25 KB 86ms
29ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: ea8f1d69dac454ac9eb6603aac85b1fac1af34597c3ec33dacdb1ec8748d57fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25869
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame FD94 20 KB
20 KB 87ms
30ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 6f013b2b9ff4c019b57ae84bdc4515631ed35579d976cb32756a454e3e595825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 20642
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame FD94 0
150 B 82ms
27ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=82425200046285300951395012270022&a=ff466811&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 666E 5 KB
5 KB 24ms
24ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2464388578
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D281 85 KB
31 KB 117ms
27ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=82425200046285300951395012270022&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 00:43:22 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 29915
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 8ApSeRUsg0LT3j1nBIjQAZPzenb_cocjgKtJ8jlGCN3AV1AzsK5xBw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame D281 85 B
438 B 81ms
23ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1679389616&Signature=e1O4G7afZKlnNPtUrTXexgst74s2sYSgPmcxX9H5xOyLvhaGIxDmhSMGUVxns-HWTSap-2PVMDwuV4bv3xDH0Uo2bEWRkxYzicUkWbYJ9d-OM3V-wnf~7KL5wXN35KlWwXOO39s9BgFAtdNDqIjtR8Ba0n1njb3kmRkOL7iwrt9UhIv4e5G0zR2Zfmq1luRfP-sB0Qp13hBImTS2MvKiDYnOSAyFvNUYEeugyWgDGyyDWeNvqc9MnfzbuGDzHrECev0xC8xC5bFWKpcFrHfVwFEV3EMdas4~dPGSxM477F-sf88KLXlsiVpWaU~2PimcHxot7fHXtidE-tp6OmsvYg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 21 Mar 2023 04:02:02 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17995
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: RXnVQbX8uwKPQhel4gZDTkIejzZ51KcqfPWq8nMlszY7mZjTt-OjJQ==

GET
H3 200 dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358
adservice.google.com/ddm/fls/z/ Frame FE8C 42 B
63 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPn9-tzU7P0CFa1IHgIdi60Bcw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7517908641943.358?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 09:01:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F4A6 105 KB
41 KB 101ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a35eb9f244f30a48ff663281292bc218a86eea6d0a6ea80ced1021ca6540347b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 41315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Mar 2023 09:01:56 GMT

GET
H2 200 iubenda.js Show response
cdn.iubenda.com/ 14 KB
7 KB 45ms
45ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/iubenda.js
Requested by: Host: www.sqworl.com
URL: https://www.sqworl.com/u6bgb8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 75927687fd866d7ce5cdc33eb4f72d3fd3c4a16b2237cee9ac408168e827febb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
content-encoding: br
cdn-edgestorageid: 722
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/21/2023 08:56:06
cdn-pullzone: 954456
last-modified: Tue, 21 Mar 2023 08:01:20 GMT
server: BunnyCDN-DE1-1076
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"64196450-173a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: 95e5fe0fbea16a22f7b63f5684875379
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 like.php Show response
www.facebook.com/v2.0/plugins/ Frame AE59 0
2 KB 108ms
53ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=1393466737546175&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a8827e6e44f4%26domain%3Dwww.sqworl.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sqworl.com%252Ff12e97c9e79ca24%26relation%3Dparent.parent&container_width=115&href=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7619769052272612fe69db310772ded7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 21 Mar 2023 09:01:56 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: MwPsO7Mz7WKme9VU926FC4FtYb5xx6uZxFeHP6wdN04H4mXL99FJNx8+9j8nPRBqC6T95aTcGJT0l5qjLkXRIw==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 118ms
71ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8330985d13b8394833669cd9a6bd7666b9bd87e01fc1af30163e53f1140e1c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H2 200 iframe_bridge.html Show response
cdn.iubenda.com/cookie_solution/ Frame C34B 3 KB
2 KB 64ms
63ms Document
text/html 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iframe_bridge.html?origin=https%3A%2F%2Fwww.sqworl.com%2Fu6bgb8&meth=%22compact%22
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 2bcabd41edd8ffffa32c431c115ad69461e53322e89644d8ca5b4651a31cdc3d

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=86400
cdn-cache: MISS
cdn-cachedat: 03/21/2023 09:01:56
cdn-edgestorageid: 1047
cdn-proxyver: 1.03
cdn-pullzone: 954456
cdn-requestcountrycode: DE
cdn-requestid: e4f1e933d3c118518556b22d80f97af0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
content-encoding: br
content-type: text/html
date: Tue, 21 Mar 2023 09:01:56 GMT
etag: W/"6419644f-4ec"
last-modified: Tue, 21 Mar 2023 08:01:19 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
server: BunnyCDN-DE1-1076
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame D281 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8519da8be3216863e54d9b4dd6fb724e1c729979065be5c0f9c3d4f7c835a10d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame FD94 13 KB
13 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 1456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame FD94 13 KB
13 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 1456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D281 0
18 B 66ms
65ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CesFugnIZZOy5PIjxtwfmzZbAB8-HjptcwIbZgsYCwI23ARABIABglYKAgJQHggEXY2EtcHViLTcxMzk3Njk0Mjg2MDc0MjPIAQmoAwHIAwKqBLABT9BJSWUq2L7tOLh3Sryzc2KLgsqilwOdRt7Z-nMV3YXMhavb7B3kQpc2RJIUqLyqEMsZ_ijHCH4YRGZzeniIRHiQK6AlL6a11C28Tyh1OzgmVngZ4a0PqbB66js7zlntt9fjJpZxrMbxPc9rfh1bnI7yzYLP2yobry6T_BHE6uw1kUIydu2UKZkXxRIhIGtjWYoK1DgWcgDV8-VEWYIGpXVfUOrdtMT6WxaUj4QH2QyABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxMzk3Njk0Mjg2MDc0MjMYAA&sigh=h_5GmcTGfq8&uach_m=[UACH]&cid=CAQSGwDUE5ymk7_m6z1gExjAGWqs1O-A-KF4YaTaPBgB&tpd=AGWhJmvN8lajbhYY6erTebbpJ4_BH5L-suujAvk8AyZQle77rpxQk3_BKnD1oGgy4f823hrO0sVthkxWBA1NWWdTUZTb-rjM92M6d7xMrGwYi9eTx8_lct_Jhf_HKVG18glf_DtIt4o0hwCWq_7gxD90qD6sLjwuaKItqXGApqbGyVU2IjKdnbtw4YyhSxqpKH6K1zShRv8Szi9NAfv4COg4rNmHvTge2gsCtIlEWpe6kLKdBfpyUh9IshBRnvEHoYVAObbGHn41kq93tn4FQHgpHOHqETXbgxGPBhYLT8yvtCZKK3yUoMlLBtGB8zIYMc2GeRg1JGQ3Q6BNhlvbmT6z-SM0oYPREE_nLCHsCoCl-zlHEd6K3-mIJ4HPhFYuU4llN4N1QeX-mEoDwWPdQ8dzHQE4q9TxS-toPxdLAJKlkn2lSnIASf6MnxsbWIE0VAyZ-7Seg-5-Sezr7Y4cDOetpKnjmB5tNhpiLrMai4hiVPvariovLWj49xEgThE5ST4LBg-lOFw6b4OnEhlY-uEKR3H65RfsZCG4pWzfYtrx5dEMs1XBFrwD1nBeyiggtjDz2R3ClrijgoLVWzxbbJMbrieIoAAEsYuwtDm3TvzgzHzDkTqGfYlleQ0sFFDCqNlfHVxf_8pFwaqxdDolL4yaLF5R2qKKllSyE9t_KwTrAp68iY9I0wR6aK0N5OIVsPl9kKYxPwjSUHc8jabk09zOxF7RT-Ajur2v8X1pyUkHLYM5q8WwYOElOAqq8qvsqIljdU4_xFHrtI6HLR4-zCxZL_fA-smmAaXYJVmcAzgBx6YQUtctOhYaHLY8SAJT-7tTF4_PLmSHc46_cept7k_P9iWSycS5Nhvm-8RMBHhWdSaUJdqlVGGLP8L10isf-gW4o6kkMN88j2LEVhPrga6nUk0-kuaMRNRZJt6PfSNO3fuhLBdRWBx3NJxRo0L1mZs-ATigDwfQJpHE-fPMEli4_CFnNl40FBtHt1XknGsIr7I7tb5fencEbqB8LhGZXAZkS2vi7RfORklkNAqqJZxz_mJU2trjCQe7QQoN9THMCehIh0Rk48Kvmc15i3KGOaQzJdPZff1OR2X4ib87lKv1nrOvBLcyKanM_mlT_PBmrsbeZ9Qz&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Mar 2023 09:01:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 iubenda_i_badge.js Show response
cdn.iubenda.com/ 8 KB
3 KB 57ms
57ms Script
application/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/iubenda_i_badge.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/iubenda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 46678d8b5a6cf4f2cee900cd6ac720fd245d010a93f0cf6b67730c87e97db927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
content-encoding: br
cdn-edgestorageid: 1076
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/21/2023 08:56:06
cdn-pullzone: 954456
last-modified: Tue, 21 Mar 2023 08:01:20 GMT
server: BunnyCDN-DE1-1076
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "64196450-8cc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: afe9b7f4ee674d7f912d3f74e7741059
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
649 B 54ms
54ms XHR
text/plain 169.150.247.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-34.datapacket.com
Software: BunnyCDN-DE1-1077 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sqworl.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
cdn-edgestorageid: 1077
x-influxdb-build: OSS
x-influxdb-version: 1.8.2
cdn-cachedat: 03/21/2023 09:01:56
cdn-pullzone: 967785
request-id: 08173de9-c7c7-11ed-aa99-0242ac110002
x-request-id: 08173de9-c7c7-11ed-aa99-0242ac110002
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 204
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://www.sqworl.com
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
cache-control: public, max-age=0
cdn-requestid: 739a41924879f0212e99903f8b3e9c14
cdn-requestcountrycode: DE
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
cdn-requestpullsuccess: True

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 113ms
36ms Preflight 169.150.247.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-34.datapacket.com
Software: BunnyCDN-DE1-1077 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.sqworl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *, authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public, max-age=0
cdn-cachedat: 03/21/2023 09:01:56
cdn-edgestorageid: 1077
cdn-proxyver: 1.03
cdn-pullzone: 967785
cdn-requestcountrycode: DE
cdn-requestid: cc24842bb24b458970ee86e0c53cea11
cdn-requestpullcode: 204
cdn-requestpullsuccess: True
cdn-status: 204
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
date: Tue, 21 Mar 2023 09:01:56 GMT
server: BunnyCDN-DE1-1077

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 09:01:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB9C 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:37:56 GMT
expires: Wed, 20 Mar 2024 08:37:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2130 783 B
970 B 34ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0fd3d2b3c21684af7ee6b9377318788e92720fbde5051d26e2792baba3d5fa7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vB3fY_l9JF3RrhWviSFSAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqworl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vB3fY_l9JF3RrhWviSFSAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 09:01:56 GMT
expires: Tue, 21 Mar 2023 09:01:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame AB9C 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 08:55:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2130 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=3016811810561939&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AB9C 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jwa7xw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:01:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 139ms
44ms Preflight 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 21 Mar 2023 09:01:57 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D281 16 B
232 B 82ms
82ms Fetch
application/json 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Mar 2023 09:01:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame FD94 0
150 B 85ms
29ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=82425200046285300951395012270022&a=ff466811&vb=v
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=82425200046285300951395012270022&a=08edf478
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 09:01:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=3016811810561939&bg=!xcalxpLNAAZEjmHWZI47ADkAdvg8Wo1WtBEaaycdvObFw8zXn0Nyh-06dXP45Oar1CT7BMBSSus1oXCu5-K2vK7Rh3os4h9x0AMCAAABclIAAAADaAEHmQKZLpIv-DxdM1XMLmtBTkYaGfxB3UUGtydlJ-Vp_zGWihgD7mEqzXUMNqpXP8Y63P-R08Y10tSeOcA40_1rDb2ShrrJSkMsJIf6IQuQ-fuMfQ0cQgHgM2sPw83KUhHE2s8wcDd3lYba_i2xrvSQvXV2ualhOEEGANar-_1S1Di4nvdnpYcUU2-RO_Z5wkf24JKfC_5Rk_h2M2txLBD7UJmKeWtYx0ZrjdUhzQosCd8oCe1JTy5Qh93s8oyYEtuARgxi4VfT1hDYENud7WrFZX-IeR0iEn9DOn5n1Q_YaZ_VTh3XFsdhE8jsjm7O5ljB08_9eTL2eW6R-_5LSIfGmvZPHkmpwIiucG54E7UoNL8XhIzpALipdKfmqGRqZE0FXVUkLanrhdVZIUBsgCeNJEKs6rBC1qS08nXnObMijqv9oWWLqR4kBjNiDMasCHERf13Y_Mnhc2FgTupapkb9f6fRct8lwrfblYJWCUtPfbo6kKvWw_WrfKJbNB-2uqPW1qGvs2NAJQu47f5bvVDkYkl0CMVW5f4yqqH0wvAk1nzTQraUsF3MPQH6HVKW527nnXPgUAOLV6t3LV_vQZPwTDm0iw_wsEDgvHEoISra4S9C7GR65P9zCP-qckCE_FE0C3pxIaU75uq7OIaNaobm_wFwGtxQfdT9QL3nl0qfQ4RZ-vkYS85raAzInKBHuIGWP1cm0UWFOoGthMLZKHb53vuo8RXlNSKNY-9xopubbH0xp5gifMN2rmwww1Vg3qy8u_qG0hwQQwWPUnfK_ladBB2l8uVRHhXu1A75Y6iGvwPgKcd6TcJoz7jzZDCxX5xn6Ad6KFB3N3q0wP66xabu2hpLUo2b6pEC0CZzPfMZKZNafZXSXNpZO7NDYas
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sqworl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sqworl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: o5n9ja98jecick04h9b7l5s470
.sqworl.com/	1970-01-20 20:05:49	Name: _ga Value: GA1.2.836797699.1679389315
.sqworl.com/	1970-01-20 10:31:15	Name: _gid Value: GA1.2.329754831.1679389315
.sqworl.com/	1970-01-20 10:29:49	Name: _gat Value: 1
.sqworl.com/	1970-01-20 19:51:25	Name: __gads Value: ID=8ea62aa010cb56b0-222cdedbdcde0034:T=1679389315:RT=1679389315:S=ALNI_MZgsFB7Suud315nla8NZhN-VgkstA
.sqworl.com/	1970-01-20 19:51:25	Name: __gpi Value: UID=00000bc99d76fd26:T=1679389315:RT=1679389315:S=ALNI_Maa-9QthAKXdk8q59JT2lsWHOWqiA
.mathtag.com/	1970-01-20 19:15:25	Name: uuid Value: 332f6419-7283-4801-9c3e-a517619e0486
.retailads.net/	1970-01-20 11:13:01	Name: ppb2172 Value: 2464388578
.futalis.de/	1970-01-20 11:56:13	Name: raSIDb Value: 2464388578
.doubleclick.net/	1970-01-20 19:51:25	Name: IDE Value: AHWqTUmBs9sHxE6KonVW2R_yeYCTHWW8jud3hurdsKW3lh_ezoyOPnNzU8QHOUPXT64
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fsuskkau0jffctrqyyplg22l
pb.media01.eu/	1970-01-20 20:05:49	Name: DTU Value: E5994018937095DEC45F481492FF9806
.office-partner.de/	1970-01-20 20:05:49	Name: source Value: {"webgains_webgains":{"timestamp":1679389316289,"clickCookie":false}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
assets.pinterest.com
cdn.iubenda.com
cdn.retailads.net
cdn.track.production.webgains.team
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900022.redintelligence.net
hits-i.iubenda.com
image.thum.io
log.pinterest.com
medialead.de
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.mathtag.com
platform.twitter.com
pv.medialead.de
r.skimresources.com
s.skimresources.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.iubenda.com
www.sqworl.com
104.236.103.127
104.244.42.72
104.79.88.164
13.32.99.112
13.41.33.70
144.76.104.53
144.76.238.55
145.239.193.130
151.101.192.84
151.139.128.10
169.150.247.34
172.217.18.6
18.66.147.52
185.29.132.242
2400:52e0:1e00::1076:1
2400:52e0:1e00::863:1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a01:4f8:d0a:2321::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:8d::84
2a0b:4d07:102::1
35.176.246.96
35.190.59.101
35.190.91.160
35.201.67.47
49.12.16.151
54.76.176.197
88.198.250.30
94.23.99.218
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
04eaccf15b5b378cfbd8700ae8611233345c82663bd45a9be514e8fd58757ab2
06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a
06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb
0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0
10939f5698793d96f80d925866832dfb1838cc8b28818f9ba1ebddb0a4d1f7df
13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2bcabd41edd8ffffa32c431c115ad69461e53322e89644d8ca5b4651a31cdc3d
2eb3d72ff66133386810efe6675f74eb17506191241e21f59f497e898b8b0145
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
350346679b9fafee9cba1338e2b81b7d56ad48138e15c264595d9789a0c282f3
35dafcef9dc680a5dc966be72beae1f1ae35706ea566f1d91467a8aae59def19
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f
3eeb355a38045f82f663d0241390e2eaef8ad6caf85c84bcfab5115489df7c19
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
46678d8b5a6cf4f2cee900cd6ac720fd245d010a93f0cf6b67730c87e97db927
46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d18b38d81b22c753c9748ea7247bbe4b80ffb80f524bea9cbfd42870e838d7b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952
6b88a8f69240ae4498d78726c961c0e46c6a66a19ec12b40df0007c6ef9cef12
6f013b2b9ff4c019b57ae84bdc4515631ed35579d976cb32756a454e3e595825
75927687fd866d7ce5cdc33eb4f72d3fd3c4a16b2237cee9ac408168e827febb
7bb0b3492c6eaaed0318722da2a2172b0d58bdc3030d4d5fb9c08f488c481f49
8330985d13b8394833669cd9a6bd7666b9bd87e01fc1af30163e53f1140e1c0d
84129e33b6d85b4b4cb4fe5eb9f7214358ff4ea5ecc14bcfc28984cedb7747fe
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8519da8be3216863e54d9b4dd6fb724e1c729979065be5c0f9c3d4f7c835a10d
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
8a52051afa1099dbe0bb5ed6e66e71099a0413099695fda89ee7c5ad944c96ca
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
a35eb9f244f30a48ff663281292bc218a86eea6d0a6ea80ced1021ca6540347b
a45f341401d3246833429fc2f0a54fcea96cb88d2876d04b63443bac493603ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adbe649b8667355ada38be96acbd5bebb1c3eb4847c45e6c5ebfb19b3e245785
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afea2b94e09a213d82b76e15eafb67e7f7c4f31be2a5129afea4773143a0f53e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6c1931a438cf3506c7c2c8c341e7241d4f523d71d3bafdff60001b8ea780254
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d0fd3d2b3c21684af7ee6b9377318788e92720fbde5051d26e2792baba3d5fa7
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
d70cd6bf70d7df8161878125a6713ef3319161e0442718e859e987f49faf6569
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea17e7c45034eda2cc5afffd81ad98b80b655bb4566e24e1659488b1b5c17ce1
ea8f1d69dac454ac9eb6603aac85b1fac1af34597c3ec33dacdb1ec8748d57fc
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6771520100c9487bff2e9119cbf0696bc5124bdeb36b44b9ec4d961e0703905
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
ff94c6a4ce3b98851ce25e69f6967e4e4d405fb5c9628690b495ce05a61b3d57

www.sqworl.com Open in urlscan Pro 104.236.103.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

99 %HTTPS

49 %IPv6

29 Domains

46 Subdomains

44 IPs

8 Countries

993 kBTransfer

2588 kBSize

13 Cookies

5 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sqworl.com Open in urlscan Pro
104.236.103.127 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

99 %
HTTPS

49 %
IPv6

29
Domains

46
Subdomains

44
IPs

8
Countries

993 kB
Transfer

2588 kB
Size

13
Cookies

98 HTTP transactions
3 data transactions