freeimagekit.com Open in urlscan Pro
2606:4700:3032::6815:4ca7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freeimagekit.com/
Effective URL:
https://freeimagekit.com/
Submission: On February 26 via api (February 26th 2024, 10:42:01 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3032::6815:4ca7, located in United States and belongs to CLOUDFLARENET, US. The main domain is freeimagekit.com.
TLS certificate: Issued by GTS CA 1P5 on January 15th 2024. Valid for: 3 months.

This is the only time freeimagekit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:c57c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::6815:4ca7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	3.160.150.115 3.160.150.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:d000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.250.57.95 34.250.57.95	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.32.121.95 13.32.121.95	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:215... 2600:9000:2156:3200:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
69	19

1 2606:4700:3037::ac43:c57c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freeimagekit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:4ca7 (United States)

ASN13335 (CLOUDFLARENET, US)

freeimagekit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-115.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.57.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-57-95.eu-west-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:3200:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	449 KB
12	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4457 buttons-config.sharethis.com — Cisco Umbrella Rank: 5023 l.sharethis.com — Cisco Umbrella Rank: 4641 count-server.sharethis.com — Cisco Umbrella Rank: 10998 platform-cdn.sharethis.com — Cisco Umbrella Rank: 9457	56 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com — Cisco Umbrella Rank: 2	69 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	63 KB
5	freeimagekit.com 1 redirects freeimagekit.com	17 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	47 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	84 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	30 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2859	7 KB
69	12

	Domain	Requested by
17	pagead2.googlesyndication.com	freeimagekit.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	fundingchoicesmessages.google.com	freeimagekit.com
8	platform-cdn.sharethis.com	freeimagekit.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	freeimagekit.com	1 redirects freeimagekit.com
4	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	freeimagekit.com googleads.g.doubleclick.net
2	cdn.jsdelivr.net	freeimagekit.com
1	www.google.com	tpc.googlesyndication.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googletagmanager.com	freeimagekit.com
1	platform-api.sharethis.com	freeimagekit.com
1	code.jquery.com	freeimagekit.com
1	stackpath.bootstrapcdn.com	freeimagekit.com
69	19

This site contains links to these domains. Also see Links.

Domain
mompdf.com
bgremover.app

Subject Issuer	Validity	Valid
freeimagekit.com GTS CA 1P5	`2024-01-15` - `2024-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://freeimagekit.com/
Frame ID: E70FCF4EDEEC0DC2A6360323BF725E70
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 2E4DF8DECAD6B97C8698F242EA5C64B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&adk=1812271804&adf=3025194257&lmt=1708987315&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreeimagekit.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315595&bpp=156&bdt=305&idt=330&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5340112738582&frm=20&pv=2&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=349
Frame ID: 6E26B22F534F5940123CBC96DE0FDD70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&h=200&slotname=6992691836&adk=1873920076&adf=2973700990&pi=t.ma~as.6992691836&w=1108&fwrn=4&lmt=1708987315&rafmt=11&format=1108x200&url=https%3A%2F%2Ffreeimagekit.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315751&bpp=3&bdt=460&idt=197&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5340112738582&frm=20&pv=1&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=63&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=199
Frame ID: 97943DE85AD7A02122C82E9AC4E3CB93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&h=255&slotname=9037235390&adk=3991226956&adf=428513989&pi=t.ma~as.9037235390&w=1066&lmt=1708987315&rafmt=11&format=1066x255&url=https%3A%2F%2Ffreeimagekit.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315755&bpp=3&bdt=464&idt=199&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1108x200&nras=1&correlator=5340112738582&frm=20&pv=1&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=84&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Frame ID: 2C5B20274E0D9A21C4931735114644F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&h=600&slotname=7924356395&adk=225417638&adf=628990803&pi=t.ma~as.7924356395&w=300&lmt=1708987315&format=300x600&url=https%3A%2F%2Ffreeimagekit.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315763&bpp=3&bdt=473&idt=195&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1108x200%2C1066x255&nras=1&correlator=5340112738582&frm=20&pv=1&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1212&ady=310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=196
Frame ID: 816F94DB49B6CBBC7490BC50A0ADC1B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B8A919776C8E63E0F80F1B3A3FDBAE2F
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3960B240A42E8F141710B0FB54C73C40
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js
Frame ID: 5320482F74789FD4F732A5B1112B62B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F4079053415F8E8FD04AC085CBD36C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F89E5C8704D1F4F08E6742A71456ECD5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Image Kit - Online Photo Compressor

Page URL History Show full URLs

http://freeimagekit.com/ HTTP 301
https://freeimagekit.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

69
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

875 kB
Transfer

2651 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://mompdf.com/
Title: PDF Tools

Search URL Search Domain Scan URL

URL: https://bgremover.app/
Title: Img Background Remover

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freeimagekit.com/ HTTP 301
https://freeimagekit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freeimagekit.com/
Redirect Chain

http://freeimagekit.com/
https://freeimagekit.com/

28 KB
7 KB

1135ms
916ms

Document
text/html

2606:4700:3032::6815:4ca7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4ca7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80d043417504ddefcd0b5f20de94e3a3396ba875ba16eca8b3c362034a2444e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85bbb2bb296442a6-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 22:41:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY8PcOt5ZLpkFV285vnEl8szL899KQ4mz7WerLVbWu7jN1Ip4eQsCfD4EKZA5Yx15JNFvjaDu%2Bhk9zY8EVKtOYQ5Pxm26i%2BkDSM%2BE0oBmwn%2F59BRTQQvnDIB6b8AQzIPygtENyqwGMghmz%2BGJvcs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85bbb2b57cb82f18-IAD
Connection: keep-alive
Content-Type: text/html
Date: Mon, 26 Feb 2024 22:41:54 GMT
Location: https://freeimagekit.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rycPBDXiOX3S6Fsg5Km8ONJ4MIfU6UAG0wTOelva%2FyAL2ipqiHaXmja5EshPUjdXyuvpaXE7Wd6fSyPMYFn2YXWwhc%2BqBHGNdqoMs2O44q0bAitY3m%2BPXop6YSvExK0nVQuALgByW5K%2BwSgu55o3"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
25 KB 80ms
33ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeimagekit.com/
Origin: https://freeimagekit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7671232
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVelNbZRdVJtNNUb4l6%2B5W41DVhPs%2FHc9l3Nra9PNFWjX%2FbG4HlvFnNgZ3zylTzM%2Bj1A3fqCVpK3KHLbKZS%2BnBztgovRme%2B674QXbbti2ZcJGfe4t5Aqxct9m2n9vRpCpIqn5MZ3Jaz7meP6ScA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85bbb2c0ebdc91ed-FRA

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 89ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09313719aac77f2212a20217fe0e643375d02d26dc297d8f73a8de312d00429d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 22:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:41:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 22:41:55 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 97ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 9309498
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85bbb2c10e409142-FRA
cdn-requestpullsuccess: True

GET
H2 200 style-v2.css
freeimagekit.com/resources/ 13 KB
4 KB 446ms
445ms Stylesheet
text/css 2606:4700:3032::6815:4ca7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimagekit.com/resources/style-v2.css

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4ca7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57751728c684938e90023b2acca357775acadaa5d798dfad4d8c07224e5ae6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 05:31:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65769ea4-3224"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wc4juOiCir%2FfoH1PSur3nMHTIMWiABfq0NjA128QuwaW684nn6euwne8l457zuy93cwtwTrgcQ7UwdvpNVA1%2FL8yJA6L%2Fx1RfKHvU8aQIZu7IEY8GHWjTdaosPN8eI3uGvRLC4cEhutu0D2dJI%2BN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 85bbb2c0f83442a6-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Feb 2024 04:46:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 127ms
74ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1681196247196095

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70265f69e7c9a8b033bba29bc9e840060c5bed709bd4b3c95eb73db6fd2a1f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51389
x-xss-protection: 0
server: cafe
etag: 2611418332366450687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 26 Feb 2024 22:41:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 73ms
22ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: freeimagekit.com
URL: https://freeimagekit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1444934
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230127-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708987315.355344,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 15, 262080

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
22 KB 34ms
34ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeimagekit.com/
Origin: https://freeimagekit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9149578
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230044-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBBOLb%2Fq5PleaYWOAA4rREQmgzfuG7C1U9RsuD7dUZBURnivisIlMz5xAmwEjQPON5lK5dnEc0rCFuO8loK57qZvr3UihhxP96Q26kYnEw1hd4XJ1DZjnU0QldeDVrJlln%2B9o6bBk0KI%2BQzNJvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85bbb2c27c6c91ed-FRA

GET
H2 200 pub-1681196247196095 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 125ms
59ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-1681196247196095?ers=1

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00b7a28fc3aa52678bc95e29e0720f3d5978f1ffe9fc7f575ed5e2d883f5ca06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3xfJnG0iK75KNeApFkZxQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-3xfJnG0iK75KNeApFkZxQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPx-blX9axCTTM-nqbCQCWgEPR"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 freeimagekit_logo3.png
freeimagekit.com/templates/resources/img/ 4 KB
5 KB 123ms
122ms Image
image/png 2606:4700:3032::6815:4ca7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freeimagekit.com/templates/resources/img/freeimagekit_logo3.png

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4ca7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3af9bd350a42dd37d386ba52139b05852475009dd537723bbc28cc2ac1be456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781402
alt-svc: h3=":443"; ma=86400
content-length: 4377
last-modified: Fri, 03 Jun 2022 19:14:17 GMT
server: cloudflare
etag: "629a5d89-1119"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8ROPkBfI8LLRwYtbJDukIZpwuOv3SrwnB3MSRv97of9AZTdR2lkQ%2FTElhYKaOP716jXdIRlrSUrB0GBHmcxxWJqELSjuvBGBnhrvR8R3VhVRuKb%2B26cr0azqi3u7BEQE0MJyBjLtbftO0vCOUIk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 85bbb2c0f83c42a6-EWR
expires: Sun, 25 Feb 2024 05:53:02 GMT

GET
H3 200 view.js Show response
freeimagekit.com/templates/resources/ 1 KB
1 KB 44ms
44ms Script
application/javascript 2606:4700:3032::6815:4ca7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeimagekit.com/templates/resources/view.js

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4ca7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2560af1c7b40e1032d1f24b5a4a06c6743e23b05ac28ea9f63cf84f217071ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12834
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 May 2022 16:11:35 GMT
server: cloudflare
etag: W/"628bb237-461"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7DLyxDP54OowRxrWxMHbirBowTOEkrgN7f0NZPt%2F3WAtaHRvh8eJLokdSO0%2BqSTg4vACQW8XXBqoG9gT%2F3zslvvVtfAkad5i6932%2FJe3SlD%2FqTBk8%2B9Yu5RNPMscSWOm7YfdfPNO5L27qh5uSBa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 85bbb2c37b59b96e-AMS
expires: Tue, 27 Feb 2024 05:35:39 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 82ms
27ms Script
text/javascript 3.160.150.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-115.fra60.r.cloudfront.net

Software

Resource Hash

cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:33:55 GMT
content-encoding: gzip
via: 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P7
age: 480
etag: W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: fuzcsh23LiCnvBub17zgz5AcXxiPyF0myC4qBcnIxu-UQ0PR25ty4w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
84 KB 91ms
38ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VPJJ5S5JPN

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba229e3b42799601a884871252ae9256e5b8f43ebb2737fd5db3eec0865d63b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 22:41:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 408 KB
138 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1681196247196095&plah=freeimagekit.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1681196247196095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb44a324bfb21135bff9a8660ca788d4e3962718a013ef60acc46cbbd749376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141467
x-xss-protection: 0
server: cafe
etag: 12915021794931915650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 22:41:55 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 2E4D 9 KB
5 KB 81ms
25ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1681196247196095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 18:30:46 GMT
etag: 3890843268177463596
expires: Mon, 11 Mar 2024 18:30:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freeimagekit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 22:30:36 GMT
x-content-type-options: nosniff
age: 346279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 22:30:36 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 95ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freeimagekit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 23:51:41 GMT
x-content-type-options: nosniff
age: 341414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 23:51:41 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 75ms
27ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freeimagekit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:51:59 GMT
x-content-type-options: nosniff
age: 499796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 03:51:59 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 66ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freeimagekit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:37:36 GMT
x-content-type-options: nosniff
age: 486259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:37:36 GMT

POST
H3 204 AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 83ms
35ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxGHperP9XmGpZeIZE0HXJV-zDbgA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-obJJqq2gsVoNHFENsoEN8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-obJJqq2gsVoNHFENsoEN8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4di8_Ms6NoEDO9rnMwMAR4UVbg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freeimagekit.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXddpa6k4AX8rVdaQ03kzhIaIwad1hOo5xZdw4wWqNWEfhVuIHqCICDgHxr1KiV6n4QlTmrCxAJeWhouNxUXv6jqU4j55x-G6sPpO_U8rQVnqEAsCzkLmB8_sszV9ci4dB5ZspK5w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXddpa6k4AX8rVdaQ03kzhIaIwad1hOo5xZdw4wWqNWEfhVuIHqCICDgHxr1KiV6n4QlTmrCxAJeWhouNxUXv6jqU4j55x-G6sPpO_U8rQVnqEAsCzkLmB8_sszV9ci4dB5ZspK5w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTg3MzE1LDgwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mcmVlaW1hZ2VraXQuY29tLyIsbnVsbCxbWzgsInNQT2lmTWNfcGFJIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjExIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3125d981791266167031dde6e909989ea3568176e2dca82ee5412d70e21954b1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XGRGn3VbJmXBkAJUHfUtUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XGRGn3VbJmXBkAJUHfUtUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPx-blX9axCTQ03etnBgCXHkNa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5f048a097df6de0013323391.js Show response
buttons-config.sharethis.com/js/ 908 B
1 KB 481ms
406ms Script
text/javascript 2600:9000:2057:d000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5f048a097df6de0013323391.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:d000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f19677cb25b554b818d42232995ea4584ff87221dc8b12646f19f3dfa74c829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:57 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 28 Jul 2023 04:49:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
etag: "bf6c21064934a44e453a5a63ae313bf4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 908
x-amz-cf-id: Y0EibXBnfwl7q6Xs9RQ8bjas4MiSzqudsujk9mstU3oGscRnYIS69g==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
403 B 191ms
46ms XHR
text/plain 34.250.57.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=freeimagekit.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Ffreeimagekit.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Free%20Image%20Kit%20-%20Online%20Photo%20Compressor&cms=unknown&publisher=5f048a097df6de0013323391&sop=true&version=st_sop.js&lang=en&description=Compress%20your%20JPG%2FJPEG%20to%20100kb%20freely.%20this%20online%20optimizer%20tool%20resize%20the%20image%20and%20reduce%20the%20JPEG%20image%20size%20in%20kb.&ua=&ua_mobile=false&ua_full_version_list=&uuid=16645d40-caf8-4481-bee1-c3339cbea02e

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.57.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-57-95.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:41:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://freeimagekit.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 86ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VPJJ5S5JPN&gtm=45je42l0v867790000za220&_p=1708987315767&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=797909905.1708987316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708987315&sct=1&seg=0&dl=https%3A%2F%2Ffreeimagekit.com%2F&dt=Free%20Image%20Kit%20-%20Online%20Photo%20Compressor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2621
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VPJJ5S5JPN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 22:41:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freeimagekit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E26 195 KB
52 KB 580ms
580ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&adk=1812271804&adf=3025194257&lmt=1708987315&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreeimagekit.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315595&bpp=156&bdt=305&idt=330&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5340112738582&frm=20&pv=2&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=349

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1681196247196095&plah=freeimagekit.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9638b2dc467dfbef3e5e1ec1e2595025745d2c3f7180e48353e79285a6f1aa33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 53622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 22:41:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9794 580 B
375 B 826ms
826ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&h=200&slotname=6992691836&adk=1873920076&adf=2973700990&pi=t.ma~as.6992691836&w=1108&fwrn=4&lmt=1708987315&rafmt=11&format=1108x200&url=https%3A%2F%2Ffreeimagekit.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315751&bpp=3&bdt=460&idt=197&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5340112738582&frm=20&pv=1&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=63&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=199

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52502014acfa643d217a68f92939b0b8a2b90e1c6b087f89980dbad9beb93419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 22:41:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C5B 862 B
630 B 609ms
609ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&h=255&slotname=9037235390&adk=3991226956&adf=428513989&pi=t.ma~as.9037235390&w=1066&lmt=1708987315&rafmt=11&format=1066x255&url=https%3A%2F%2Ffreeimagekit.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315755&bpp=3&bdt=464&idt=199&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1108x200&nras=1&correlator=5340112738582&frm=20&pv=1&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=84&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce4f4df04db0d0e40430ab85556fcdd18f4854da2828131404ceebbf8327c16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 22:41:56 GMT
expires: Mon, 26 Feb 2024 22:41:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 816F 862 B
581 B 685ms
685ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1681196247196095&output=html&h=600&slotname=7924356395&adk=225417638&adf=628990803&pi=t.ma~as.7924356395&w=300&lmt=1708987315&format=300x600&url=https%3A%2F%2Ffreeimagekit.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708987315763&bpp=3&bdt=473&idt=195&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1108x200%2C1066x255&nras=1&correlator=5340112738582&frm=20&pv=1&ga_vid=797909905.1708987316&ga_sid=1708987316&ga_hid=897647164&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1212&ady=310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161&oid=2&pvsid=583640963634628&tmod=306880784&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=196

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9005eb2979d279c9403055d36b8f5dbbfd58c455dc575f63610155dd08abede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 22:41:56 GMT
expires: Mon, 26 Feb 2024 22:41:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 214 B
590 B 255ms
189ms Script
text/javascript 13.32.121.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffreeimagekit.com%2F

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-95.fra60.r.cloudfront.net

Software

Resource Hash

d71e75d98c3266ecc1e2057e6e5a6f0a5af37217bd1c97e17c5ad82a1cbcfc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
etag: 7305f10c2717bdf4968f896ce37d4384
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=900
content-length: 214
apigw-requestid: Tnz2CjrgoAMEJxA=
x-amz-cf-id: 1pFWc_frv93IdO9vogdJC7HjU4Hb9fth_iTN-qrghNtDKSnNCmRMoA==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
778 B 77ms
21ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:40:38 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 79
x-amz-server-side-encryption: AES256
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 368
x-amz-cf-id: e1GGwFr0FU52GkpiTDic0NWCkrpV7aKY8KMJe6z7YFPmNlHoyHcoPg==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
743 B 78ms
22ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 01:42:29 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 2062768
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 8JnpLD7IIcMCHxCOgBA8kqw1a8htjjkeiRbY6oIRb-rzAIASS87mTw==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 78ms
22ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 01:49:55 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 1975922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 832
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "afe7fc60ed757db39a88d2950fce69c9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Bjb27lPFylq4sEx1G4dXpbhh-sbgyAumuAnbDn_XwNzii5S_LzhPZg==

GET
H2 200 telegram.svg
platform-cdn.sharethis.com/img/ 858 B
1 KB 79ms
23ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/telegram.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:39:39 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 12 Aug 2022 01:07:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 137
x-amz-server-side-encryption: AES256
etag: "e3f5e90fa57764cd951db1b1bc688edd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 858
x-amz-cf-id: tFfR1Qv_aqMl_F5CE3mARe_KqNk5k78yOEWGpa9ooRujImQjAnOeNA==

GET
H2 200 messenger.svg
platform-cdn.sharethis.com/img/ 372 B
814 B 80ms
24ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/messenger.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:24:38 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 1736239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 372
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "a5aa43fa302867d3e888ac2f69b7b288"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: fdy0c77oGoZ0ijAeoWT3BmkZUmsiEwnaB5Bv33UP3sQvRNZMqvwa1w==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
937 B 79ms
23ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:39:22 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2466155
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 514
x-amz-cf-id: qmuf2ocYHNldmkSC5Hc1na0cpcsz2pzDCyT4hM58JVPDGUmAU31FCw==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 22ms
22ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 07:11:15 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 660642
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: uU07RsYDBt2a6M54dDyUdPLyd5meuqGu2q09tlEav-njvSqARKpdGg==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 23ms
23ms Image
image/svg+xml 2600:9000:2156:3200:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:39:22 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2466155
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: _MMg3p4zUErB6IlqAKrKcZ3_fhDcQCXG94GmM5v-0F1bY2m6rVT85Q==

GET
H3 200 !advert_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVe7ogi9Bcipl_2SM-yFNdm2tZ4pwFWUNqQgvjsqgw6lcJk1pKUSOb1mNi4C7G5gA3ka2xUOIrOCgScQURImlSu0zYDmSW7c_M3BL84fw3KscjlkmcMORtHPWnN73UgaK8sqxnotkqPDr3Gn3BMw2uJ8FH8n... 54 B
110 B 39ms
39ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVe7ogi9Bcipl_2SM-yFNdm2tZ4pwFWUNqQgvjsqgw6lcJk1pKUSOb1mNi4C7G5gA3ka2xUOIrOCgScQURImlSu0zYDmSW7c_M3BL84fw3KscjlkmcMORtHPWnN73UgaK8sqxnotkqPDr3Gn3BMw2uJ8FH8ngPX2rWlCfgOSEwM5uxdjZNyhUqOp-Oj/_/adframe2./adsfinal./ad_footer./ads/ads./!advert_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.sPOifMc_paI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMztErzSpGp4AZHBWvge5wIXfuvJgw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bd65fb7472dff4f42c3155bb2d9ae8049528bc745348a1d4494503407eb418c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GHniwyDUSmvBNCS2nfMaOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-GHniwyDUSmvBNCS2nfMaOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPx5blX9axCTQcePqWEQCYUkP7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8edbb8259081180ed5a97fc33139b386f2a0409def269b31f10b790acec8a05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51395
x-xss-protection: 0
server: cafe
etag: 1697757740505035318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 26 Feb 2024 22:41:56 GMT

POST
H3 204 AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
34ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-taYpiNrNfCNNWbBKK56Yyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-taYpiNrNfCNNWbBKK56Yyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4diy_Ms6NoEbT0-9YgQAR8cWNQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimagekit.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 39ms
39ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C-CBQCkfsCN8Xbdjs0DvXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-C-CBQCkfsCN8Xbdjs0DvXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4diy_Ms6NoEHWy79ZwQASpcWOA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimagekit.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 166 KB
56 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e4d40f35ff331eab5061ea866b6e5bccebc1706e7edc5f108da6cf52c8326cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57337
x-xss-protection: 0
server: cafe
etag: 14384158668838990903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 22:41:56 GMT

POST
H3 204 AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
35ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IjUMD_UEk3_tX_2gES7Wcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-IjUMD_UEk3_tX_2gES7Wcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4diy_Ms6NoEXl66vYAIASR8WBg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimagekit.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
35ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXBAQJdVfuQAHmHQyPAk3E_agvgeQ6lh3RZA1g8IOvm8CELxwKOMYsXa7ynBjqehaVeV1nA8wZa_xCgdjtwg_jziPTzq6jC0Qiewk3_mGQv3-PW4620lyiWInExWAJL9mCdHE0u_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1FtMg67amwgzPw6NPnBcyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1FtMg67amwgzPw6NPnBcyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4diy_Ms6NoEVS3-vYAIARXsVsw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freeimagekit.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVj1kHCFvNegzjLW2pv9_xOdCQZB8Xi3O-YEZ0uTjwSloEWV1Y4ue493uhkoZ6hBkCIKhpapoFopH2Vm4NNUFXYQxoC13wF3uQvF4vGorrQfFv_QDMBY4wjn42d9bpcQyX7OGzVmw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVj1kHCFvNegzjLW2pv9_xOdCQZB8Xi3O-YEZ0uTjwSloEWV1Y4ue493uhkoZ6hBkCIKhpapoFopH2Vm4NNUFXYQxoC13wF3uQvF4vGorrQfFv_QDMBY4wjn42d9bpcQyX7OGzVmw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTg3MzE2LDYwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZnJlZWltYWdla2l0LmNvbS8iLG51bGwsW1s4LCJzUE9pZk1jX3BhSSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxMSJdLFsxMSwiW10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4db4b959a0a349d1d6b474b95cd610d7b1d71d8168f5d45eebb3b3b4fb771891

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CiLv_PDFroslrTVhZCLqMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-CiLv_PDFroslrTVhZCLqMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPx5blX9axCWyY8Gs9EwCOZkPD"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-1681196247196095&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20240221_093528&sat=1708802759865&afm=0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.464&alldns=0.464&allp=17&pgh=2275&abl=false&rr=n&su=freeimagekit.com&pvc=583640963634628&r=0.1&eid=44759876%2C44759927%2C31081136%2C42531706%2C44798934%2C95323740%2C95325069%2C95323761%2C31080991%2C95324155%2C95324161

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 22:41:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-D3pZuSuM40PtF4he0XKJkLYCcr4tCX87qLUGv6w6J5iBOAUpJdoPAEBFuEDNZLM2onVQNydkWira8FflKF38seAnnIbn0B_CylD80E9BHXWb5n17w6qx7a0g-30WFW5yrmmWEQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
35ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-D3pZuSuM40PtF4he0XKJkLYCcr4tCX87qLUGv6w6J5iBOAUpJdoPAEBFuEDNZLM2onVQNydkWira8FflKF38seAnnIbn0B_CylD80E9BHXWb5n17w6qx7a0g-30WFW5yrmmWEQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t3asO4gxI8OZxfThr1Lk4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t3asO4gxI8OZxfThr1Lk4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4diy_Ms6NoELr24dZAIASXgWIw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freeimagekit.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame B8A9 9 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 18:49:49 GMT
etag: 3890843268177463596
expires: Mon, 11 Mar 2024 18:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B8A9 5 KB
790 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 22:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 20:49:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 22:41:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B8A9 205 B
295 B 92ms
32ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:53:15 GMT
x-content-type-options: nosniff
age: 514121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Feb 2025 23:53:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B8A9 604 B
920 B 91ms
31ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 04:03:39 GMT
x-content-type-options: nosniff
age: 499097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Feb 2025 04:03:39 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame B8A9 15 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 19:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6496
x-xss-protection: 0
server: cafe
etag: 2240975554753911238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 19:28:10 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame B8A9 22 KB
9 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 18:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9139
x-xss-protection: 0
server: cafe
etag: 14231659491099539135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 18:32:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3960 14 KB
1 KB 35ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 22:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 20:52:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 22:41:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3960 2 KB
822 B 26ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 23:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 23:21:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 3960 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 10:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 10:39:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3960 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 10:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 10:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3960 20 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 23:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 23:21:01 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3960 204 KB
61 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 23:39:55 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 3960 36 KB
15 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 18:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 18:18:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 119ms
68ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289df7ac05dd59fb1eefd972d637f8ff0926caf581d0a06b152306b1535df968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12452
x-xss-protection: 0

GET
H3 200 44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5320 51 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js

Requested by

Host: freeimagekit.com
URL: https://freeimagekit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 486244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19803
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 07:37:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 110ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 22:41:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F40 13 KB
5 KB 30ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 21:37:18 GMT
expires: Tue, 25 Feb 2025 21:37:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F89E 829 B
1 KB 98ms
35ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62a60c6af4f6b40464eecb566134273ec12988d66dbd1fc14a29c3e5422a9dfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_l_2ahPyhUpOQ1L_l0Hiug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freeimagekit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_l_2ahPyhUpOQ1L_l0Hiug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 22:41:57 GMT
expires: Mon, 26 Feb 2024 22:41:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F40 39 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 05:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Feb 2025 05:31:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F89E 0
0 57ms
57ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=583640963634628&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F40 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EJjnVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:41:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=583640963634628&bg=!KSqlKmXNAAZ3BdUuVwU7ADQBe5WfOAU0-yvH8ySdk3r9DaiUB51QviFqRcw0dTGqHPnGdlzZGXKOWAQcS7aHv_sLjLPXAgAAAEVSAAAAAmgBBwoAbih2TVy9AOELUSuQVJxsn_u6FBzTu8HZRL-wAbWPBfQfZTtndVXRRhLAkf0FDGnXwTJFTg9CgFevoW7KnX9aatho8HwLiVb1qz6lAoXPGfmq6yYfKy5Wb82PgyMtgud2S_ymlUD-E81oRdtwmrjfmQMAKcCb1A6Hj_c1Wc-8arjVRTxHw3-HwgxwpaBISpP1K9ccuw6BROybjKyFuXp5CvwAHf-sfFLPQpC1QIIZpFEGrMOV-0HBRkbmd2YLf68w_PF4ExL8VJ4Mc0Dnf-9_mhLWJkMWT2r44AHYWoG08_BqxE1lfhfodcmmmQNqAWrSNXlE4BtWoCM2r2qkah_f_jmry2PkaP7-XGF5j33m8VVcDKm4i0eLo0RcM8cmt1v238dVUW8Y1klsYa3RpcOg1VUE92UV8WfnnSAnn0luccinEHV0szraM6dexm_NLB0Af_7hNemN4-nJWuAyofQBmXndAtGZ4zNCjhc-AWA0k_a43ckjw2ej9N0f_CT6VmSRgmZa4Bs8xuu6aD2boY3bJ8VL1XoUp2eMHS6HUJZV0S2kNpFpKttuK0inJ1wZ3NBSShe5EJ0K3XyFNVrjnB5ukLlf1kpHWVS9Z4pZuCNZSvKuH1EMFLJpw4HLpjKXaRhZwxtWelY8o2CCi2mCiCJYNyi0OLOFhiljEWgwezf_kAwmsfACwUZ3r2YTpMB5luwmvxPntm1_FIchlBLTzl_zCnovWUZkZlOGei8xpaNgR0EzaF6B5l34nFa_hv13ag94j25BJVHakSp2RurTVnVhqV8AYtR43OO58ipaOONJR_DHRqNuwAO6HBZ7sLH1yy6UPm3QL1fz7UaPvI_xbyDdY3kgxddzo2XZzq39A5CH_GNbI_DQge7jib9wfJ414J91tFwnRpakfidWL9Ult6huT0D37FtE_1e3rPS2uOrnh6g0aCC3A4P4yTMXtKBR3IjiKKDfEwd9trjeOU7XJ-mDZESTX0PoNSkoh5Et1qaFRfT1Gkt18FyUU3odhew015d5mccMxMbcm_TYu6g71stROFLJC1FSLI2px4cqB88LYop8qLo1sUx0u0wwNi_BHbtTYPNEGfWQusJMgiFxdY2-FdPvFt_6T4neYCE04krWX3Nvvb61QADNnWcLAIuSbWUqzzDvdskP-unuc3bFwfR5pOJ1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeimagekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freeimagekit.com/	1970-01-21 04:19:07	Name: _ga_VPJJ5S5JPN Value: GS1.1.1708987315.1.0.1708987315.0.0.0
.freeimagekit.com/	1970-01-21 04:19:07	Name: _ga Value: GA1.1.797909905.1708987316
.doubleclick.net/	1970-01-20 18:43:08	Name: test_cookie Value: CheckForPermission
.freeimagekit.com/	1970-01-21 04:04:43	Name: __gads Value: ID=71ff2697d3fe8eab:T=1708987315:RT=1708987315:S=ALNI_MaM5Hgw8VHNK078h7IgDXQu7ZEdzA
.freeimagekit.com/	1970-01-21 04:04:43	Name: __gpi Value: UID=00000d62fc728d9e:T=1708987315:RT=1708987315:S=ALNI_MbLAlrw2ataWnFryCe7zNNQgTEN-Q
.freeimagekit.com/	1970-01-20 23:02:19	Name: __eoi Value: ID=97ec9089f851b8f1:T=1708987315:RT=1708987315:S=AA-AfjaBJhQPody61U7hCT7F9icq
.freeimagekit.com/	1970-01-21 03:28:43	Name: FCNEC Value: %5B%5B%22AKsRol_U0-gr3wAggCNJztphuYxIXMfibavlJnUR9wfGQn77S9guaF-FEpJQddX7eEdqbulteGdZqO2VzmNg_T1vvHNHYHqV3d4uDIYfZYrNEvIUmZ5G7tspvAkhc1pVwRKtQIjSH5jRNxc5MFbph9ul8Qceq1g25w%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22811%22%5D%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://freeimagekit.com/(Line 292) Message: The specified value "Ex: 20" cannot be parsed, or is out of range.
other	warning	URL: https://freeimagekit.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimagekit.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freeimagekit.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
cdn.jsdelivr.net
code.jquery.com
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
freeimagekit.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.32.121.95
2001:4860:4802:34::36
2600:9000:2057:d000:c:abe:f440:93a1
2600:9000:2156:3200:1d:85c3:6640:93a1
2606:4700:3032::6815:4ca7
2606:4700:3037::ac43:c57c
2606:4700::6810:5514
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a04:4e42:400::649
3.160.150.115
34.250.57.95
00b7a28fc3aa52678bc95e29e0720f3d5978f1ffe9fc7f575ed5e2d883f5ca06
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
09313719aac77f2212a20217fe0e643375d02d26dc297d8f73a8de312d00429d
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
2560af1c7b40e1032d1f24b5a4a06c6743e23b05ac28ea9f63cf84f217071ba8
289df7ac05dd59fb1eefd972d637f8ff0926caf581d0a06b152306b1535df968
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
3125d981791266167031dde6e909989ea3568176e2dca82ee5412d70e21954b1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4db4b959a0a349d1d6b474b95cd610d7b1d71d8168f5d45eebb3b3b4fb771891
52502014acfa643d217a68f92939b0b8a2b90e1c6b087f89980dbad9beb93419
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57751728c684938e90023b2acca357775acadaa5d798dfad4d8c07224e5ae6a0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a60c6af4f6b40464eecb566134273ec12988d66dbd1fc14a29c3e5422a9dfd
70265f69e7c9a8b033bba29bc9e840060c5bed709bd4b3c95eb73db6fd2a1f9b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f19677cb25b554b818d42232995ea4584ff87221dc8b12646f19f3dfa74c829
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8edbb8259081180ed5a97fc33139b386f2a0409def269b31f10b790acec8a05a
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9638b2dc467dfbef3e5e1ec1e2595025745d2c3f7180e48353e79285a6f1aa33
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bd65fb7472dff4f42c3155bb2d9ae8049528bc745348a1d4494503407eb418c
9e4d40f35ff331eab5061ea866b6e5bccebc1706e7edc5f108da6cf52c8326cc
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
ba229e3b42799601a884871252ae9256e5b8f43ebb2737fd5db3eec0865d63b0
c80d043417504ddefcd0b5f20de94e3a3396ba875ba16eca8b3c362034a2444e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce4f4df04db0d0e40430ab85556fcdd18f4854da2828131404ceebbf8327c16b
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d71e75d98c3266ecc1e2057e6e5a6f0a5af37217bd1c97e17c5ad82a1cbcfc7c
d9005eb2979d279c9403055d36b8f5dbbfd58c455dc575f63610155dd08abede
e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
f3af9bd350a42dd37d386ba52139b05852475009dd537723bbc28cc2ac1be456
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fdb44a324bfb21135bff9a8660ca788d4e3962718a013ef60acc46cbbd749376
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

freeimagekit.com Open in urlscan Pro 2606:4700:3032::6815:4ca7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

85 %IPv6

12 Domains

19 Subdomains

19 IPs

3 Countries

875 kBTransfer

2651 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freeimagekit.com Open in urlscan Pro
2606:4700:3032::6815:4ca7 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

875 kB
Transfer

2651 kB
Size

7
Cookies

69 HTTP transactions
0 data transactions