www.wpgxfox28.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wpgxfox28.com/
Submission: On October 26 via api (October 26th 2022, 1:28:30 am UTC) from SG — Scanned from DE

Summary HTTP 250 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 28 domains to perform 250 HTTP transactions. The main IP is 2606:4700:4400::6812:27f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wpgxfox28.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on March 2nd 2022. Valid for: a year.

This is the only time www.wpgxfox28.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:440... 2606:4700:4400::6812:27f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::6812:271c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:440... 2606:4700:4400::6812:2862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:939e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700:440... 2606:4700:4400::6812:2776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6 9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	213.254.244.26 213.254.244.26	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
26	2606:4700::68... 2606:4700::6810:d40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
250	41

8 2606:4700:4400::6812:27f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wpgxfox28.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:271c (United States)

ASN13335 (CLOUDFLARENET, US)

ngw-static.franklyinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::6812:2862 (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:939e (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent6.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:4400::6812:2776 (United States)

ASN13335 (CLOUDFLARENET, US)

wpgx.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stacker.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prsubmitpresslifestyle.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cntsyncont.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6810:d40 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	299 KB
41	worldnow.com ftpcontent.worldnow.com — Cisco Umbrella Rank: 144531 ftpcontent6.worldnow.com wpgx.images.worldnow.com content.worldnow.com — Cisco Umbrella Rank: 162670 stacker.images.worldnow.com prsubmitpresslifestyle.images.worldnow.com cntsyncont.images.worldnow.com	2 MB
34	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	339 KB
26	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 10803	293 KB
15	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28840	1 MB
12	franklyinc.com ngw-static.franklyinc.com — Cisco Umbrella Rank: 158251	1 MB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	234 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	wpgxfox28.com www.wpgxfox28.com	146 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	132 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	213 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 572	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 492292	109 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	22 KB
4	gstatic.com fonts.gstatic.com	103 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	130 KB
3	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 32977 p.cityspark.com — Cisco Umbrella Rank: 22523	30 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	570 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1137	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 409	365 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	31 KB
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 29972	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
250	28

	Domain	Requested by
26	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
24	tpc.googlesyndication.com	www.wpgxfox28.com securepubads.g.doubleclick.net cdn.ampproject.org 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com tpc.googlesyndication.com
21	pagead2.googlesyndication.com	3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com www.wpgxfox28.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
16	wpgx.images.worldnow.com	www.wpgxfox28.com wpgx.images.worldnow.com
15	citysparkstorage.blob.core.windows.net	www.wpgxfox28.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.wpgxfox28.com
12	ngw-static.franklyinc.com	www.wpgxfox28.com ngw-static.franklyinc.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
10	cntsyncont.images.worldnow.com	www.wpgxfox28.com
9	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	www.wpgxfox28.com	www.wpgxfox28.com ngw-static.franklyinc.com
7	s0.2mdn.net	3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com www.wpgxfox28.com s0.2mdn.net
7	www.google.com	www.wpgxfox28.com 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	googleads4.g.doubleclick.net	www.wpgxfox28.com
6	ftpcontent.worldnow.com	www.wpgxfox28.com content.worldnow.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com www.wpgxfox28.com
5	www.googletagservices.com	content.worldnow.com 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	stacker.images.worldnow.com	www.wpgxfox28.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wpgxfox28.com
3	content.worldnow.com	wpgx.images.worldnow.com
3	fonts.googleapis.com	ftpcontent.worldnow.com client securepubads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	cdn.doubleverify.com	securepubads.g.doubleclick.net www.wpgxfox28.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	prsubmitpresslifestyle.images.worldnow.com	www.wpgxfox28.com
2	p.cityspark.com	cdn.cityspark.com
2	www.googletagmanager.com	www.wpgxfox28.com
2	cdnjs.cloudflare.com	www.wpgxfox28.com cdn.cityspark.com
2	maxcdn.bootstrapcdn.com	www.wpgxfox28.com
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	csp.azureedge.net	cdn.cityspark.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	imasdk.googleapis.com	content.worldnow.com
1	cdn.cityspark.com	www.wpgxfox28.com
1	code.jquery.com	www.wpgxfox28.com
1	ftpcontent6.worldnow.com	www.wpgxfox28.com
250	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
wpgxfox28.com
portal.cityspark.com
www.grittv.com
publicfiles.fcc.gov
www.aboutads.info
www.franklymedia.com

Subject Issuer	Validity	Valid
www.wpgxfox28.com Cloudflare Inc RSA CA-2	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.worldnow.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.wpgxfox28.com/
Frame ID: DBE051738190B77C94310D41BBE38025
Requests: 116 HTTP requests in this frame

Frame: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 023DA7BE37996A5B08FCB9F1BCF9133C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 08E37B2427423A53CADA3E71CC8B502B
Requests: 14 HTTP requests in this frame

Frame: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F714B847E416DF88814839371CA39BFA
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 5F19CCBF4C97E4DAE64CD2A88D627143
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNUFpipPvXRJkxxb97W9t1eq30ECsMry-2z1z47BxkEyTh7ppgnT8r-OTVyx5Nhqe1TjCBda2cYKhKUPfqbndJdjQ3TmAs8ZZeJVVcPm4rEZWaCVnkJSsX-G7KnyW62_4AYCmfENBr42Vo26wkSuhSyEqwYVZz00otjacs5eLSqj-ZB93wo
Frame ID: 3EE91B4F4F9945F6936D97F0E8A3CD85
Requests: 5 HTTP requests in this frame

Frame: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 655DAD76C19F1DA8485F56EDCD4EE3A7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNWPlmq-2ylh1A_6AU-BUJQW1Zg7hyjNWlBfYU-KARSZNuwbKhfXu43xv80NgPfkeBmHb22iE9cKmGKgMCgyP7ZCNKhl6RokHnZ-bbvdqSI5ul_rlnRMPO9yUsEuQU5aS7iIWUtwR2OJ00NTmqoau_bK1Qtm_sokPmIoULBvX7Wk_1YbKg0
Frame ID: 390EAA5FD23B7F7E45CF2DFB5B000FEF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8A4D95AD91D62ECB1FEB9CE04AFE3112
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf0sMTUP2w79P4EYY41Rn_dK8mlwlMsRjKYVRNyMa3CMawyfwBmWDCblp6dGxZENASFHKQAEpDxg1j9TbFcEsnIhKiS8xeoEgOyqH5-AMGUsKUqyl8X6pN8dutVN2GFlF6oW19lHlt7wtW85wwq99_a6vfgJWfMEIcO3916LaeLND9T6kbHR2ibqoFNo7eZJkAdi4c8Gd-q6MNW893On7qwR6L6Ricafzo1BfPoOfgq93Bve04HYZSkOJYnrICd01GX7TYDv6yRhv7C494az_ICZOpKZ4NiEaE70kK_rDeUKiQaPr3oNI3-pYGDEtDelNQqHg0PClxHAvbKb_w0QWKxlIEkUAvjGRT38eW-fJVkCCY&sai=AMfl-YRQ1RsL9F8htJxuNt2k9imP0jg1IHDyGBTwiNPDgvG-41diE8GDSTzeP66MIOadUaLzmjOwhfxcJgflXQQNfd3QR-eIeaZP7muQfXzVjrbEusbZWz4LpDBhWSifAb6dI03-&sig=Cg0ArKJSzCwxiDJ0ZLJtEAE&uach_m=[UACH]&adurl=
Frame ID: 92066BB9C9ECC44394138DB74D54BE5D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 349F67E1A138BE7789157E975ABCCE03
Requests: 3 HTTP requests in this frame

Frame: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BFE32255E40ACB364DF55DF1D7257E47
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17933889851304706048/Whereveryouradventuretakesyou-WHRGerman-Deutsch-300x250-638022878363958639-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Frame ID: 8DA0F714628010E88C52AE6F28B158B9
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 8F7045FDBB754AECCF43778D956E1791
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNWdFvQbELQeagSaH66wwTmFO-WgQtTqFuloc4SonoTbJFXJejviE0amKjTionVBVJnROV8WxAtfkqFteW6PQ-6f-ULmccvTAbdQ5D5S56cggeTn7IJb_bGNqCqCwdZgf2AVo3xbvoHrO_oeqExRPdfct6lOFQQ7tanD01396NUFp6jjFRc
Frame ID: 8C2C85003B6D101973C79CC19A33B875
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 221B97AC28DF0E9B8F0F850A660F6358
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6041290610302779392/Whereveryouradventuretakesyou-WHRGerman-Deutsch-728x90-638022878323086302-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Frame ID: 980E32A36A0B388465A170B4D544A9E4
Requests: 9 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/5073a668-d8d6-4394-b6ef-8737699ff5c3
Frame ID: EA5664933E0138DECEEE38545129B14C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4976E1DC241FFB4E07FA79047C2DEE36
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FCEC9D4177EC0ED2168883B6CE9D88B
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fwyndham%2F5ca76276e534b182c4576ce4%2Fimages%2F17622ef9-c27e-4315-8b02-92430d4d3ba4.jpg&w=300&h=250&q=85&f=webp&rt=contain
Frame ID: A2608FC5E466AECD6D4FB9A59DCAB5A8
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/misc/libs/gsap/3.5.1/gsap.min.js
Frame ID: 35899D7D493561D5A464DD1468622D2C
Requests: 4 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/b6ab8348-891d-4c31-bc27-389bfefadd5c
Frame ID: 960D08DC79D46A41386A77525F8A0495
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fwyndham%2F5ca76276e534b182c4576ce4%2Fimages%2F31093acf-656b-4ce7-884f-16f38138a4c5.jpg&w=728&h=90&q=85&f=webp&rt=contain
Frame ID: CC1778747B1F5B262F64A0546C2E24FB
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/misc/libs/gsap/3.5.1/gsap.min.js
Frame ID: 77AB578381859BB5F86011304928A14A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - WPGX-Fox28 - WPGX - Fox28Arrow LeftArrow Right

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

250
Requests

96 %
HTTPS

73 %
IPv6

28
Domains

46
Subdomains

41
IPs

5
Countries

6736 kB
Transfer

17154 kB
Size

21
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FOX28WPGX/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/explore/locations/140037995/fox28-wpgx/

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/JOSEY-SCOTT-THE-ORIGINAL-VOICE-OF-SALIVA/10988671/2022-11-05T18
Title: Sat, Nov 05 @6:30pm SponsoredJosey Scott - The Original Voice of SalivaClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/NIGHTRAIN-THE-GUNS-N-ROSES-EXPERIENCE/10829564/2022-11-11T20
Title: Fri, Nov 11 @8:00pm SponsoredNIGHTRAIN - The Guns N' Roses ExperienceClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/DEPARTURE-A-JOURNEY-TRIBUTE/10862683/2022-11-12T20
Title: Sat, Nov 12 @8:00pm SponsoredDeparture: A Journey TributeClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/WEEKLY-501-DART-TOURNAMENT/9765993/2022-10-26T19
Title: Wed, Oct 26 @7:00pmWeekly 501 Dart TournamentLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/EARLY-EDUCATION-CARE-PARENTS-SOCIAL-PROGRAM/10653042/2022-10-26T09
Title: Wed, Oct 26 @9:00amEarly Education & Care Parent's Social ProgramOakland Terrace Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/ASYLUM-POSTERS-BY-ERIN-WRIGHT/10914059/2022-10-26T10
Title: Wed, Oct 26 @10:00amAsylum - Posters by Erin WrightGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/ST-ANDREW-HISTORIC-WALKING-TOURS/11001987/2022-10-26T14
Title: Wed, Oct 26 @2:30pmST. ANDREW HISTORIC WALKING TOURSPANAMA CITY PUBLISHING MUSEUM

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/TROY-UNIVERSITY-VIRTUAL-WORLDWIDE-OPEN-HOUSE/11002233/2022-10-26T00
Title: Wed, Oct 26 @12:00amTroy University Virtual Worldwide Open HouseTroy University

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SUDDUTH-PARK-RIBBON-CUTTING-CEREMONY/11037893/2022-10-26T09
Title: Wed, Oct 26 @9:00amSudduth Park Ribbon Cutting CeremonySudduth Ball Field

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/PAINT-NIGHT-850-AT-SMASHED-WINE-BAR/11048228/2022-10-26T18
Title: Wed, Oct 26 @6:00pmPaint Night 850 at Smashed Wine BarSmashed Wine Bar

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/FREE-CLASS-LINE-DANCING/10954835/2022-10-27T18
Title: Thu, Oct 27 @6:30pmFree Class: Line DancingDaffin Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SENIOR-SIP-PAINT/11037901/2022-10-27T10
Title: Thu, Oct 27 @10:00amSenior Sip & PaintOakland Terrace Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SEXUAL-ASSAULT-AWARENESS/10794434/2022-10-27T12
Title: Thu, Oct 27 @12:30pmSexual Assault AwarenessGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/KARAOKE-WITH-DJ-NATALIE/10373268/2022-10-28T21
Title: Fri, Oct 28 @9:00pmKaraoke with DJ NatalieLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/HOUSE-OF-TERROR-3-HALLOWEEN-HAUNT-NIGHT/10908375/2022-10-28T00
Title: Fri, Oct 28 House of Terror 3 - Halloween Haunt NightPanama City Beach, FL

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/FAMILY-MOVIE-NIGHT/10743106/2022-10-28T19
Title: Fri, Oct 28 @7:00pmFamily Movie NightMcKenzie Park

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/BILLY-DEAN/10456920/2022-10-28T18
Title: Fri, Oct 28 @6:00pmBilly DeanPapa Joes

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/HYATT-PLACE-PCB-MARTIN-LANE/10900833/2022-10-28T18
Title: Fri, Oct 28 @6:00pmHyatt Place - PCB - Martin LaneHyatt Place Panama City Beach / Beachfront

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/TODD-HERENDEEN-TRIBUTE-TO-THE-LEGENDS-SHOW/10214922/2022-10-29T17
Title: Sat, Oct 29 @5:30pmTodd Herendeen Tribute to the Legends ShowTodd Herendeen Theatre

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/STICKY-TEA/10032512/2022-10-29T18
Title: Sat, Oct 29 @6:00pmSticky TeaPapa Joes

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SUNDAY-POOL-TOURNAMENT/10203554/2022-10-30T16
Title: Sun, Oct 30 @4:00pmSunday Pool TournamentLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/THAI-TASTE-FOOD-TRUCK/10528767/2022-10-30T13
Title: Sun, Oct 30 @1:00pmThai taste food truckLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/GUIDED-NATURE-HIKE/10700248/2022-11-03T10
Title: Thu, Nov 03 @10:00amGuided Nature HikeCamp Helen State Park

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/
Title: See All Events

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/wpgx
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://www.grittv.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/f4b156ea-c928-f9a6-ba22-df643d46b5e0/f87646e8-978d-4c35-86b4-bd31e4ee10ca.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WPGX
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.franklymedia.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1&C=1

Request Chain 141

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iNOANsys8oSYl5GipXuwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB5muNsOUh3PnK2HMe2Hf0w&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB5muNsOUh3PnK2HMe2Hf0w%26google_cver%3D1

Request Chain 143

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5ODY0Mjg3MzE5OTMyODEzMA%3D%3D

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYRl-NYzBsYXQCqzUcvgIE&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEAt73t1_4LFysDkdeJlzKkk&google_cver=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByJd8XgGpXfi10JRBmAgzQ&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByJd8XgGpXfi10JRBmAgzQ&google_cver=1&__user_check__=1&sync_id=7c93a60b-54cd-11ed-bf00-19bfd3920306

Request Chain 195

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=7c939721-54cd-11ed-a342-11372f1a0406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2M5M2E1YTYtNTRjZC0xMWVkLWJmMDAtMTliZmQzOTIwMzA2

Request Chain 196

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1aZVowSEg1RTJ1SHVXSC4xdHdCT0tmeWhVejN4U2tIOH5B

250 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wpgxfox28.com/ 1 MB
135 KB 180ms
67ms Document
text/html 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f5e44145f943b844b2310c3a19092ace4c7d916fb62c3e28fd4d794906e2e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 298
cache-control: public, max-age=120
cf-cache-status: HIT
cf-ray: 75ff6a306dea9b21-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 01:28:21 GMT
expires: Wed, 26 Oct 2022 01:30:21 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-response-time: 96ms
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 128ms
49ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 20674530
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff6a3178549177-FRA
cdn-requestpullsuccess: True

GET
H2 200 app-880153a8c78c9ac87b50.css
ngw-static.franklyinc.com/assets/10763/ 306 KB
49 KB 160ms
62ms Stylesheet
text/css 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: ZN09E47KWFHS7CAE
age: 866
etag: W/"e58a5be0290fe66e326bf427d75c83fe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff6a319be59bc4-FRA
x-amz-id-2: BBd16ZTPKDlr9CtGynWw6kT3bcTFyXqMMuGylaaXNEVjMN5U93KV8CZfV42i05rVeH/uCuGiuq4=
expires: Thu, 26 Oct 2023 01:28:22 GMT

GET
H2 200 custom-global-breaking-template.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 6 KB
2 KB 150ms
48ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 13:40:44 GMT
server: cloudflare
x-amz-request-id: Z0HPMBW377JP3Z36
age: 14
etag: W/"4b357b45b8d5b6f57aefc58b78723684"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff6a31aa54bb67-FRA
x-amz-id-2: 8X3Zjd64HkuCvu/GkZ7lMRTNhMnBNUZBKNByJl9/Rn4uUQW8W4rRLWf3WKBdxdlQE2Si9usHCTc=
expires: Wed, 26 Oct 2022 01:33:22 GMT

GET
H2 200 logo.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 3 KB
1 KB 253ms
151ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 19:27:28 GMT
server: cloudflare
x-amz-request-id: X3PX4D5ZR7RTVAMJ
etag: W/"498e7c8c50bbb38d5b281f7ad6edd08c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff6a31aa56bb67-FRA
x-amz-id-2: oPyaJxC3In4Mile5EJoskAappRAFgt+ePzjMuqlHpEk56L63Qwr1KexC7IefPQU5RMCD6ID3p/E=
expires: Wed, 26 Oct 2022 01:33:22 GMT

GET
H2 403 Derrick.css
ftpcontent6.worldnow.com/wrde/ 0
0 146ms
44ms Stylesheet
text/html 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 wrde_ngw.css
ftpcontent.worldnow.com/professionalservices/clients/wrde/ 5 KB
2 KB 151ms
49ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jul 2020 14:00:46 GMT
server: cloudflare
x-amz-request-id: 20GX1W25DSAXWHVW
age: 59
etag: W/"8d5d25c637f71dec04c5a416682b6a1a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff6a31aa57bb67-FRA
x-amz-id-2: TMe3azvAi0miq/k9lWxz3bydyMFHsmlQQNz3HOXpMVUAwMUE6pfy3n4yoY3fPCA/QA/MUj0qdTg=
expires: Wed, 26 Oct 2022 01:33:22 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 127ms
40ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1666747702.dop125.fr8.t,1666747702.cds285.fr8.hn,1666747702.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 128ms
50ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 20682779
cdn-cachedat: 11/05/2021 16:36:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bfa40aed2fbee600eecd4f43bc8c0656
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff6a3178579177-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 13 KB
5 KB 123ms
43ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 5376351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4430
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-349a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff6a35685b5b68-FRA
expires: Mon, 16 Oct 2023 01:28:22 GMT

GET
H2 200 WNVideo.js Show response
wpgx.images.worldnow.com/interface/js/ 2 KB
1 KB 159ms
56ms Script
application/javascript 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607fb035cd784740222458bcb31a47cdc7a2031cd8029d7c827d34ca92cc45c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jan 2020 11:52:00 GMT
server: cloudflare
age: 1162
x-amz-request-id: WRM32EQHN9TJGQ7M
etag: W/"de080488d59236a814a1bdb6ac4fa03e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff6a31af50bb65-FRA
x-amz-id-2: EvIPVz3OM+4XPtk0e30xA47g+WshAmQakM1X4A9kGMC4d6p5Px4RGnHt0864aVZvQpX1j/uTqn8=
expires: Wed, 26 Oct 2022 05:28:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 191ms
107ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L9W7PFFC9X

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6e1b6ea43a23f536d217359781937fc558a0fa398203e835688cfd2ba334f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 01:28:22 GMT

GET
H2 200 19479465_G.png
wpgx.images.worldnow.com/images/ 302 B
715 B 53ms
51ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479465_G.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 302
cf-resized: internal=ok/h q=0 n=6 c=1 v=2022.9.7 l=302
last-modified: Tue, 09 Jun 2020 17:04:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfudRiID9HZPpqAadNHuqGmA:914cc4da7fcd377c33ea25b5d22256d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a359bf1bb65-FRA

GET
H2 200 19479460_G.jpeg
wpgx.images.worldnow.com/images/ 11 KB
11 KB 56ms
54ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479460_G.jpeg

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11269
cf-resized: internal=ok/h q=0 n=6 c=0+19 v=2022.10.3 l=11269
last-modified: Tue, 09 Jun 2020 17:58:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf7tgFhPuSNiUXYpyHvrpWpw:e94adaf046579cda47b24541deb31cbe"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a35abf3bb65-FRA

GET
H2 200 19479467_G.png
wpgx.images.worldnow.com/images/ 6 KB
6 KB 61ms
59ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479467_G.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5742
cf-resized: internal=ok/h q=0 n=15 c=0+8 v=2022.10.3 l=5742
last-modified: Tue, 09 Jun 2020 17:12:34 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfWVhWyVmVBPe5A455fSQTtQ:ede722c2a1893f8f3917828a7cbcd94a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a35abf4bb65-FRA

GET
H2 200 email-decode.min.js Show response
www.wpgxfox28.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 40ms
39ms Script
application/javascript 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75ff6a321f669b21-FRA
expires: Fri, 28 Oct 2022 01:28:22 GMT

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 155ms
40ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 523040
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/4CB9)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 89709640-201e-0011-2b18-e462b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 app-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 4 MB
1 MB 54ms
54ms Script
application/javascript 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: ZN0AH9V148ARM60W
age: 906
etag: W/"44626e575a5558bfc9f91d067b4272e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff6a325de19bc4-FRA
x-amz-id-2: 5mutprJ2apWxIYPMsIGthMOYzmU1UdRFI3uP4JARhrx6Vb3bDD4msNvwtY00wWhgTCKVFjCh2l4=
expires: Thu, 26 Oct 2023 01:28:22 GMT

GET
H2 200 ccpa.js Show response
ftpcontent.worldnow.com/professionalservices/globalcss/ 1 KB
734 B 173ms
172ms Script
application/javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 18:52:15 GMT
server: cloudflare
x-amz-request-id: PFJ12YAB8NXH35ZW
etag: W/"0ee412381eea4aba59e8a80ef1b33cb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75ff6a329b81bb67-FRA
x-amz-id-2: ZMtp9NFhhwEDUjV2q5UaVt5KVc5gu+nB6JqC1JIbQulmSiw2s6Jh0ddInLuRfqwmA7H1gqYW1Dg=
expires: Wed, 26 Oct 2022 01:33:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 134ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ftpcontent.worldnow.com
URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ftpcontent.worldnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:14:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:28:22 GMT

GET
H2 200 off-platform.min.css
content.worldnow.com/global/css/_pub/ 89 KB
27 KB 148ms
49ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM02
server: cloudflare
age: 44411
etag: "0297a4baad2d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a342bbc9b5d-FRA
content-length: 27881
expires: Wed, 26 Oct 2022 05:28:22 GMT

GET
H2 200 wpgx.config.js Show response
content.worldnow.com/global/js/_pub/ 12 KB
4 KB 197ms
97ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 16:12:54 GMT
wn: IISCOM01
server: cloudflare
age: 44411
etag: W/"0c7fc894caad71:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff6a342bbd9b5d-FRA
expires: Wed, 26 Oct 2022 05:28:22 GMT

GET
H2 200 wnaffiliateconfig.js Show response
wpgx.images.worldnow.com/interface/js/ 39 KB
7 KB 55ms
54ms Script
application/x-javascript 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wpgx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784cf734171b1a5c9adb298caeeaf3a4f254e6811a9ee3d52489604e4c8e9222

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 14:36:50 GMT
server: cloudflare
age: 1162
x-amz-request-id: R45SHDFPFSE5APQ8
etag: W/"f9ddd498d435ef391a37dc11d1773590"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff6a338962bb65-FRA
x-amz-id-2: 1gx+PcEOezSpX+vuwi37lbZFjUyMM9lSRb+KqIvzMAaqVLozlZRopa7931JClmGJrUmXXGMZi5c=
expires: Wed, 26 Oct 2022 05:28:22 GMT

GET
H2 200 off-platform.min.js Show response
content.worldnow.com/global/js/_pub/ 2 MB
472 KB 157ms
58ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM01
server: cloudflare
age: 44411
etag: W/"0297a4baad2d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff6a342bbe9b5d-FRA
expires: Wed, 26 Oct 2022 05:28:22 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 143ms
59ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:28:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 79ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50f69414a831e41a952e27a9caae5d6fff93aa91f79fa1cc727fb44c12c393d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53809
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 01:28:22 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10763/ 75 KB
76 KB 125ms
48ms Font
font/woff2 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/2iO5YNY.woff2
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
cf-cache-status: HIT
x-amz-request-id: 3GXW8ZQ0HCX2HK2S
age: 1854
content-length: 77160
x-amz-id-2: +jVrh9aSLCHmom4KfWNG34zPkvqUfJO6MQpyNb2jId5yBsKNS98v4gk70EuB0w2IMklCfjwYK+M=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a362ee85c98-FRA
expires: Thu, 26 Oct 2023 01:28:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 418733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 130ms
46ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 389609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H2 200 3A8MZF4.png
ngw-static.franklyinc.com/assets/10763/ 145 B
355 B 52ms
51ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3A8MZF4.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
cf-cache-status: HIT
x-amz-request-id: 8XZ5YTHRWXKNDSE2
age: 3415
content-length: 145
x-amz-id-2: 76fZ+/j8Agn6OrH87i8JpEb9oinv4f+5qr4frKr7Hk4qZnJUscdNuhi76OuAk47bN9z/4Mc1ff8=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "3a5fb08143e931aded1e59fa39c3d8ca"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a35bf9d9bc4-FRA
expires: Thu, 26 Oct 2023 01:28:22 GMT

GET
H2 200 3sX1XaI.png
ngw-static.franklyinc.com/assets/10763/ 302 B
471 B 52ms
52ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3sX1XaI.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
cf-cache-status: HIT
x-amz-request-id: R4JDPCZXWVXDBH2J
age: 3415
content-length: 302
x-amz-id-2: fNVydcV3/QiFaSlRIOFLbeuH5UJk70jw/0hixrIXrwv7wj1h2GJd//44h/KA/TCcKlXlBcqD5gU=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "21eed4c20a1e748a1637cf53696520c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a35bfa09bc4-FRA
expires: Thu, 26 Oct 2023 01:28:22 GMT

GET
H2 200 4-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 145 B
318 B 53ms
52ms Script
application/javascript 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/4-a708c222c663fd6ca8a3.js
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 50QH734K8WNYMG2S
age: 1957
etag: W/"c0729cee8a75fb948963d73ab873a79b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff6a3689e39bc4-FRA
x-amz-id-2: 594sZ4csYZJPlSdspYN5J1jTUuLMsSqP4U4OSxLnkzYqy7Yxxc8wxRRlR4+RqZ2/tUk+FuFoFTY=
expires: Thu, 26 Oct 2023 01:28:22 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 131ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4864f6c9223feede324f8751a108b287884d9d4b114af8ab7ecf6f823afcbec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
server: sffe
etag: "1374 / 102 of 1000 / last-modified: 1666735775"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 01:28:22 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 47 KB
14 KB 589ms
196ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9921&callback=jsonp1666748535559
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f906f2a90975f9fe4abb542dd9fd4d698c6ff656c66de9626b28d07c44ab0ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:28:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 748
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 03:15:54 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 128ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L9W7PFFC9X&gtm=2oeao0&_p=470374839&cid=1269501530.1666747703&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666747702&sct=1&seg=0&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dt=WPGX%20-%20Fox28&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L9W7PFFC9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/routes[0].body[1].cols[1].components[0],/ 56 KB
7 KB 1322ms
1322ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/routes[0].body[1].cols[1].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05eb9a8ca785b646383a080703947451c7cbcaa2364fcb711cd1acfc3838a9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 6618
x-xss-protection: 1; mode=block
x-response-time: 1153ms
server: cloudflare
etag: W/"e177-oSrn1onSrWRI/AQWqrIsCz038Q0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff6a386d909b21-FRA
expires: Wed, 26 Oct 2022 01:31:24 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/ 854 B
661 B 58ms
58ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734c0ba074ffcf4bd3e7d10f27abf07bd4ed00b8c9d2c245cf1420df1dbfbad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 299
x-dns-prefetch-control: off
content-length: 465
x-xss-protection: 1; mode=block
x-response-time: 88ms
server: cloudflare
etag: W/"356-pnfte0XxREDP0KJs1SUXDyg/NFM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff6a387da79b21-FRA
expires: Wed, 26 Oct 2022 01:31:23 GMT

GET
H2 200 19469665_G.jpg
wpgx.images.worldnow.com/images/ 10 KB
10 KB 53ms
50ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19469665_G.jpg?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180f707c73f1687a2da87466d7497c011fceaec6bca87a884eb9077e1b63465f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10057
cf-resized: internal=ok/h q=0 n=17 c=2+34 v=2022.10.4 l=10057
last-modified: Fri, 05 Jun 2020 14:05:01 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQZeLdB42AVWBONlySX7VpQ:ac14a8ca3f744097b2c95d8b4513b4d4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38cfcdbb65-FRA

GET
H2 200 19479410_G.png
wpgx.images.worldnow.com/images/ 452 KB
453 KB 54ms
52ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479410_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865d512b0631d33b932cc8a563cb738bcddab918ef1d66057bbbab948e7e33fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 463273
cf-resized: internal=ok/h q=0 n=21 c=161 v=2022.5.3 l=463273
last-modified: Tue, 09 Jun 2020 16:42:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf2B3sDozGfvrPwxk9ZvyS0w:7abf5cdf363221b3d278ec7ee87b4195"
vary: Accept, Accept-Encoding
warning: cf-images 299 "Format 'auto' ignored"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38cfcebb65-FRA

GET
H2 200 23544118_G.jpg
stacker.images.worldnow.com/images/ 5 KB
5 KB 94ms
82ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23544118_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666638602000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 4757
cf-resized: internal=ok/h q=0 n=13 c=3+14 v=2022.10.4 l=4757
last-modified: Mon, 24 Oct 2022 23:10:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0cukACYdowFpMf7eFJKr2w:cbdc4aa9bf6c123a6f765b53e3b21bf4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38dfe9bb65-FRA

GET
H2 200 23535717_G.png
stacker.images.worldnow.com/images/ 16 KB
16 KB 96ms
83ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23535717_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666366693000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16557
cf-resized: internal=ok/h q=0 n=70 c=36+48 v=2022.10.4 l=16557
last-modified: Fri, 21 Oct 2022 19:38:14 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfSrOfD8OJYofZplFf9qNJog:93fa08b38e1552714c8aceab6fb55489"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38dfe8bb65-FRA

GET
H2 200 23521831_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 5 KB
6 KB 94ms
83ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23521831_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666184022000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5526
cf-resized: internal=ok/h q=0 n=12 c=11+34 v=2022.10.4 l=5526
last-modified: Wed, 19 Oct 2022 16:53:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfon1frnZmrn7l6OAn0CT9bA:168ac186cdf747f0126f0f3cb5ab5c5a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38dfe6bb65-FRA

GET
H2 200 23544648_G.png
cntsyncont.images.worldnow.com/images/ 17 KB
17 KB 93ms
81ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23544648_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666665299000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17435
cf-resized: internal=ok/h q=0 n=9 c=6+23 v=2022.10.4 l=17435
last-modified: Tue, 25 Oct 2022 06:35:01 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfmlSA0QMXQQ-5qNtfkg2BPw:c6d3858b98ebb0ee4ac9425ba2679d78"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38dfeabb65-FRA

GET
H2 200 23536586_G.jpg
cntsyncont.images.worldnow.com/images/ 5 KB
5 KB 92ms
80ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536586_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398869000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5303
cf-resized: internal=ok/h q=0 n=7 c=5+9 v=2022.10.4 l=5303
last-modified: Sat, 22 Oct 2022 04:34:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2LFFhWyHgJ5snIxwnE3UbA:7ac48e8abecaa038cf18299156ee229f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38dfedbb65-FRA

GET
H2 200 23523184_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 93ms
81ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523184_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222385000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5835
cf-resized: internal=ok/h q=0 n=7 c=9+17 v=2022.10.4 l=5835
last-modified: Thu, 20 Oct 2022 03:33:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ9BPHPHgNrAsWnWX4LWOng:b2c2c149e547d11af91a460af1bf2d50"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38dfecbb65-FRA

GET
H2 200 19479532_G.jpg
wpgx.images.worldnow.com/images/ 10 KB
10 KB 52ms
51ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479532_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10183
cf-resized: internal=ok/h q=0 n=5 c=21 v=2022.9.7 l=10183
last-modified: Tue, 09 Jun 2020 17:31:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cflewqR2tbqOQFqX-MrlzVdA:e9d429ee90f3d05de4962461e425af56"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a38cfcfbb65-FRA

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 47 KB
14 KB 469ms
196ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9921&callback=jsonp1666747728208
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2f85cca2535f9e30486b6d13f9a6ba587466a9c639d872dd80413b5c5bab1fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:28:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 videojs.ima.1.5.1-3.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 85 KB
17 KB 158ms
158ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: B8APE2P4J3GN3W6V
etag: W/"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff6a38da41bb67-FRA
x-amz-id-2: yURPP3yVglnQA+aS1JkzPnf+TMgzFonMqG7JNB88BJtfcaMfjTQ5iZOQZfuYePSksdLk/EIv5b4=
expires: Wed, 26 Oct 2022 01:33:23 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 854 B
534 B 75ms
74ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32401

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734c0ba074ffcf4bd3e7d10f27abf07bd4ed00b8c9d2c245cf1420df1dbfbad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 299
x-dns-prefetch-control: off
content-length: 465
x-xss-protection: 1; mode=block
x-response-time: 31ms
server: cloudflare
etag: W/"356-pnfte0XxREDP0KJs1SUXDyg/NFM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff6a38edfb9b21-FRA
expires: Wed, 26 Oct 2022 01:31:23 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 855 B
567 B 71ms
70ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32403

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bc3f3a80e8e41ab016933c5070ef6e94dadc39d0f41abb1e2c0899f3cd93fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 299
x-dns-prefetch-control: off
content-length: 463
x-xss-protection: 1; mode=block
x-response-time: 458ms
server: cloudflare
etag: W/"357-592B3qu4f4LrXER2LWfaA76QP7Q"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff6a38edff9b21-FRA
expires: Wed, 26 Oct 2022 01:31:23 GMT

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 14:36:00 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
718 B 132ms
48ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wpgxfox28.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d276300072ba9ba3c91c2af4c51b1035dd957da6f6545a94eaf713b67996b47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:28:23 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 01:43:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 149ms
49ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82494642-223&cid=1269501530.1666747703&jid=242945601&gjid=1261511916&_gid=1030010075.1666747703&_u=aChAgUAjAAAAAEACM~&z=1969966175

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 01:28:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 37ms
37ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=470374839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WPGX-Fox28%20-%20WPGX%20-%20Fox28&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAAAAAACM~&jid=242945601&gjid=1261511916&cid=1269501530.1666747703&tid=UA-82494642-223&_gid=1030010075.1666747703&gtm=2wgao0WV2QLD&cg1=Homepage&cg2=null&cg3=null&cg4=wpgx&cd1=Lockwood%20Broadcast%20Group&cd2=GTM-WV2QLD&cd3=59&cd4=&cd5=&cd7=1666747702850&cd8=1666747702850.r7tc5f4&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&cd11=1417&cd12=wpgx&cd13=150&cd22=Homepage&cd32=ResponsiveWeb&z=1870287742

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 21:04:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15813
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 27_mostlycloudy_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
3 KB 55ms
55ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/27_mostlycloudy_night.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
cf-cache-status: HIT
x-amz-request-id: FF888945TZKXGH5X
age: 2123
content-length: 2470
x-amz-id-2: deCDKtnRQjOyHhi62REHNPSTm1XI5b6Zeg/GMJhif5w4lnaYxRVdFZ9eQbq6alcsGGJynhMD06o=
last-modified: Tue, 03 Mar 2020 16:10:12 GMT
server: cloudflare
etag: "c7510f3ec8473a041c7d6030355ac287"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a396e439bc4-FRA
expires: Wed, 26 Oct 2022 05:28:23 GMT

GET
H2 200 can-autoplay.3.0.0-1.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 8 KB
2 KB 147ms
147ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: B8AM9CYMRAH9Y9DD
etag: W/"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff6a39eb75bb67-FRA
x-amz-id-2: eca6aPQw7rl4nGiE2lh2Pmy+6eNnuCoUXMZmOvj3lME9nVr7De4z5SUsNTHJ/45EZ+xoCt2xGD0=
expires: Wed, 26 Oct 2022 01:33:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 130ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 146ms
46ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 753 B
433 B 1661ms
1585ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=3668207426471476&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=3685865167&sfv=1-0-38&prev_scp=wnsz%3D124&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703456&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=1065&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f87a793d858b61ef142b90102d40ceb8268ca3c50cc1c4d9f7b93a135c97b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1454ms
1378ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=3668207426471476&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=3379187505&sfv=1-0-38&prev_scp=wnsz%3D41&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703462&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=84&adys=176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1432x0&msz=1432x0&fws=0&ohw=0&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ddabeb976913897ca54d1d652b79a4cfb338271bdc878f983a34c186b53304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8213
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
35 KB 986ms
911ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=3668207426471476&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&adks=3909097108&sfv=1-0-38&prev_scp=wnsz%3D246&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703465&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=84&adys=876&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1072x20&msz=1072x0&fws=0&ohw=0&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89b38a38aee6bf48518eca26a560a3a1000771e9ce179de042a14a89d7bbdd59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35461
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 189 KB
63 KB 464ms
388ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=3668207426471476&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=1302924173&sfv=1-0-38&prev_scp=wnsz%3D43&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703467&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=1164&adys=330&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fb3d0760ea5f33c6a28d618ec802eaf11d3c6b298e284ba7403af714c7dd93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64240
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 785ms
710ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=3668207426471476&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C300x250&ifi=5&adks=578825613&sfv=1-0-38&prev_scp=wnsz%3D52&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703472&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=1164&adys=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32c7bc6c64cc35226f8795cce64608dde0e4f89dfbfd66d8cdbbc1fa89eee9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12359
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 1266ms
1191ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=3668207426471476&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&adks=2761786973&sfv=1-0-38&prev_scp=wnsz%3D346&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703476&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=84&adys=2176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1072x0&msz=1072x0&fws=0&ohw=0&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

138428f0385e5f3f6483788b618f6f915b622f5a2b1b17689cbdce674d9b9238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13102
x-xss-protection: 0
google-lineitem-id: 6084843041
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138401092306
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 023D 6 KB
4 KB 155ms
45ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:23 GMT
expires: Thu, 26 Oct 2023 01:28:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 146ms
39ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 200 19733943_G.jpg
wpgx.images.worldnow.com/images/ 7 KB
8 KB 59ms
57ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19733943_G.jpg?auto=webp&disable=upscale&width=180

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99171489f4050fea6a4c2440c9d0337f8ae8b2bedb7116587687621d85d7261

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7429
cf-resized: internal=ok/h q=0 n=8 c=0+7 v=2022.10.4 l=7429
last-modified: Fri, 17 Jul 2020 13:21:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfmYfVqSzcBOhU94WJ1kJq2Q:c686b109d4ccfcc5ff29e506b8c7be00"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bc8bb65-FRA

GET
H2 200 23538527_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 58ms
56ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538527_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492378000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7925
cf-resized: internal=ok/r q=0 n=49 c=4+16 v=2022.10.4 l=7925
last-modified: Sun, 23 Oct 2022 06:32:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ_UGDutcYHj9sD2OctrBFQ:3735f9c74f0aa70c7cc6eecd73299060"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bc9bb65-FRA

GET
H2 200 23536579_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 59ms
58ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536579_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398803000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8261
cf-resized: internal=ok/h q=0 n=7 c=17+16 v=2022.10.4 l=8261
last-modified: Sat, 22 Oct 2022 04:33:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1ABno7LG6Qr_JeP26kPOFw:7a1752c7bd1d57fe09ae93db6b958529"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bcabb65-FRA

GET
H2 200 23522285_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 56ms
54ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522285_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666195627000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16690
cf-resized: internal=ok/h q=0 n=27 c=7+42 v=2022.10.4 l=16690
last-modified: Wed, 19 Oct 2022 20:07:09 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfqnnKfSXPbaZ3ZNp7zJULGA:10c7a9722e59986b3c276aaf52070a55"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bcbbb65-FRA

GET
H2 200 23538179_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 3 KB
3 KB 63ms
61ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23538179_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666483844000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2982
cf-resized: internal=ok/h q=0 n=5 c=0+5 v=2022.10.4 l=2982
last-modified: Sun, 23 Oct 2022 04:10:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4R9LQ5AS8QKZciMw8KCd5g:debdd5a5a82a34479fa2e0bc61fa293a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bcdbb65-FRA

GET
H2 200 23542395_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
7 KB 57ms
56ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23542395_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666607710000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6643
cf-resized: internal=ok/h q=0 n=14 c=8+33 v=2022.10.4 l=6643
last-modified: Mon, 24 Oct 2022 14:35:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfEknHVv2yFvHvZ81xMXuaHg:81c46f16217054073f3a98e771975693"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bcebb65-FRA

GET
H2 200 23499493_G.jpg
cntsyncont.images.worldnow.com/images/ 9 KB
9 KB 53ms
52ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23499493_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665797531000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9362
cf-resized: internal=ok/h q=1 n=12 c=8+14 v=2022.10.4 l=9362
last-modified: Sat, 15 Oct 2022 05:32:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfprW84uaruG_N6C6EyJ11_A:cdaf8cf9639796b81112c0342c38b503"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bd0bb65-FRA

GET
H2 200 23498073_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 53ms
52ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23498073_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665747135000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7340
cf-resized: internal=ok/h q=0 n=32 c=17+22 v=2022.10.4 l=7340
last-modified: Fri, 14 Oct 2022 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSoNXPw48_6-id_E4wAAVAg:1e1f8085f5e6f7827db91f1eaa0453f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bd1bb65-FRA

GET
H2 200 23485935_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 56ms
55ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23485935_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665624698000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8024
cf-resized: internal=ok/r q=0 n=17 c=19+22 v=2022.10.3 l=8024
last-modified: Thu, 13 Oct 2022 05:31:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkJbhmwlGYa8rFfywoAQS3A:d4a1bf597d0d1fc965c42753151f335c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3b0bd3bb65-FRA

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
938 B 84ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1721497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff6a3bfe33bbd1-FRA
expires: Mon, 16 Oct 2023 01:28:23 GMT

GET
H2 200 23477333_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 50ms
49ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477333_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509457000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6885
cf-resized: internal=ok/h q=0 n=31 c=9+13 v=2022.10.3 l=6885
last-modified: Tue, 11 Oct 2022 21:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfsBOyQENXpj7YsNb7nr2T6Q:055cf492e00f3b5a5ef8e21cee83618d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a3bdd64bb65-FRA

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 124ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:16:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:28:23 GMT

GET
H/1.1 200
OK 5AZPjXSH6UyWjNutGcgQhg.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 223 KB
223 KB 814ms
206ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5AZPjXSH6UyWjNutGcgQhg.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9ddf568f70123e07d50cb4bb2fd5f687c105e6cb814a8914cfbdfd736ab73f12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:23 GMT
Last-Modified: Sat, 08 Oct 2022 20:08:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: bqZ62cqYakeDMvgOH+fGqA==
ETag: 0x8DAA968E55EA2AD
Content-Type: application/octet-stream
x-ms-request-id: a8adddc3-c01e-0056-6fda-e8cc5e000000
x-ms-version: 2009-09-19
Content-Length: 228281

GET
H/1.1 200
OK Hotn_cDH4E22YaA4Rj5Yfw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 312 KB
312 KB 827ms
219ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/Hotn_cDH4E22YaA4Rj5Yfw.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9269e1d00da11f333cedf8d2a21a22c6475e377ae0bb2f03d99b94a2e1cded2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:23 GMT
Last-Modified: Mon, 05 Sep 2022 22:27:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uMduQJ8tYHVhkT9z6oo62A==
ETag: 0x8DA8F8DD6BA05C5
Content-Type: application/octet-stream
x-ms-request-id: defa64ac-f01e-0072-39da-e83afe000000
x-ms-version: 2009-09-19
Content-Length: 319428

GET
H/1.1 200
OK 073a29d5-8362-43ec-99db-4e3f1dbdfcfb.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 35 KB
36 KB 813ms
204ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/073a29d5-8362-43ec-99db-4e3f1dbdfcfb.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f138d62a5d56b269b25d58da8041bd70b9765cdd99e9c2bbb6f705b2e7790f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:23 GMT
Last-Modified: Tue, 06 Nov 2018 02:30:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 84JTfhWHhcsCmgXfxpOFMA==
ETag: 0x8D6438FDAA95A59
Content-Type: application/octet-stream
x-ms-request-id: eb971d4d-701e-000e-4fda-e81401000000
x-ms-version: 2009-09-19
Content-Length: 36192

GET
H/1.1 200
OK d184b3a3-2a3e-49fd-af9d-6db083e5f410.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 65 KB
65 KB 978ms
190ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d184b3a3-2a3e-49fd-af9d-6db083e5f410.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4156f57c3080b420ebef3ed8d5919f91359e998ee9a1aeadce9aa5f3f53a5d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Sun, 22 Mar 2015 07:11:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ymM9dXB/2ls4uWGdleukDw==
ETag: 0x8D232869C670564
Content-Type: image/png
x-ms-request-id: 3670439c-201e-005e-31da-e8d651000000
x-ms-version: 2009-09-19
Content-Length: 66309

GET
H/1.1 200
OK 1efa76c5-14c5-401b-95ee-47289b0c66b6.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 26 KB
27 KB 1244ms
272ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1efa76c5-14c5-401b-95ee-47289b0c66b6.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa07d80aec8be3bb2ab5e5872b20e5cb3d480c890e05546c57d2d48042977d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Tue, 09 Dec 2014 04:15:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: atyYYxf/sQyR2QVl65rvUg==
ETag: 0x8D1E17DEC7DC56F
Content-Type: image/png
x-ms-request-id: 28713aa7-901e-0006-55da-e80e0e000000
x-ms-version: 2009-09-19
Content-Length: 27011

GET
H/1.1 200
OK ef6bb37e-4ae8-4cf5-a1c6-0c22f722a472.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 1167ms
191ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ef6bb37e-4ae8-4cf5-a1c6-0c22f722a472.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c31a7b0990af81a279b26ca80b9c39f73e1ade39f7fd9117950b1d558e52e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Fri, 03 Apr 2015 05:38:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rtZXUYNiaxrCEFeBW1DXWw==
ETag: 0x8D23BE79DFFD983
Content-Type: image/png
x-ms-request-id: 34c52041-101e-006a-5cda-e8e599000000
x-ms-version: 2009-09-19
Content-Length: 31188

GET
H/1.1 200
OK 03a52b11-7bc8-4e56-8e11-db9f8b53297a.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 19 KB
19 KB 776ms
190ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/03a52b11-7bc8-4e56-8e11-db9f8b53297a.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c2c16cae7de7a79ac3a5404b76dabb5ba25708562ce7767a6113f08d17c70f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Tue, 23 Oct 2018 05:43:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EJR7a59P0jco4ERkSEgdEw==
ETag: 0x8D638AA79B3BF4A
Content-Type: application/octet-stream
x-ms-request-id: 3670434d-201e-005e-67da-e8d651000000
x-ms-version: 2009-09-19
Content-Length: 19350

GET
H/1.1 200
OK bY236gUZxkmixor8zhKIug.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 781ms
190ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bY236gUZxkmixor8zhKIug.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0adda642d06c3b2804a96604c9edef761749138422b773baddb31afbe7ce4d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Tue, 11 Oct 2022 19:05:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: kpESG9ebQVObO2u0Y7MUmw==
ETag: 0x8DAABBB95B3E256
Content-Type: application/octet-stream
x-ms-request-id: 34c51fc5-101e-006a-6bda-e8e599000000
x-ms-version: 2009-09-19
Content-Length: 31089

GET
H/1.1 200
OK 1Yja2ooc4UOhjTq7uHSEJw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 50 KB
51 KB 776ms
191ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1Yja2ooc4UOhjTq7uHSEJw.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 48918968dd9a4892fb71a9f6fd0d25826f727dd379406cf755174e30cd13d81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Sun, 23 Oct 2022 14:34:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 88U7r0K6ACnM72rQGiax3g==
ETag: 0x8DAB503C0E94A08
Content-Type: application/octet-stream
x-ms-request-id: 28713a14-901e-0006-4ada-e80e0e000000
x-ms-version: 2009-09-19
Content-Length: 51568

GET
H/1.1 200
OK NA8dTSpbhEOJ1JkszAKXnw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 44 KB
45 KB 198ms
193ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/NA8dTSpbhEOJ1JkszAKXnw.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d860e91242b6b2dbc46a04b545ddbcc4a53a01d7343dcb9d011bf8853a441a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Thu, 22 Sep 2022 07:21:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uJsFjNZRq5/pUE4wNsKSfw==
ETag: 0x8DA9C6B12B39EC1
Content-Type: application/octet-stream
x-ms-request-id: eb971e7c-701e-000e-6bda-e81401000000
x-ms-version: 2009-09-19
Content-Length: 45522

GET
H/1.1 200
OK ih1GJz8UgUi0jufwdOZG8g.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 191ms
191ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ih1GJz8UgUi0jufwdOZG8g.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 195ed5974f767542dd0cf8aa95bd476000c8a9d93134084f9f36006f5691fde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Sat, 18 Jun 2022 15:19:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: mieyrJe51qqCsbXqDLCsDA==
ETag: 0x8DA513E01ABADA1
Content-Type: application/octet-stream
x-ms-request-id: 36704436-201e-005e-45da-e8d651000000
x-ms-version: 2009-09-19
Content-Length: 31184

GET
H/1.1 200
OK wYd4pZ24ckiuTH1H7sS7_g.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 122 KB
122 KB 193ms
193ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/wYd4pZ24ckiuTH1H7sS7_g.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdbfc79eb2d21f053b4ddf353cc46aecb68a876785c2cc63326bd204e9f6c982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Thu, 22 Sep 2022 07:21:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: raOKVWyqJDiNcoJmQg/Hzg==
ETag: 0x8DA9C6B14B4C92C
Content-Type: application/octet-stream
x-ms-request-id: 34c52090-101e-006a-24da-e8e599000000
x-ms-version: 2009-09-19
Content-Length: 124652

GET
H/1.1 200
OK 2pnBOQJvBEe2oB55pRCyRA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 40 KB
41 KB 193ms
193ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2pnBOQJvBEe2oB55pRCyRA.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 199e5795b09dda994fd37e7c1c711a4385628fceb25dfbaebc19d0d587e80040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Wed, 20 Apr 2022 09:16:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: XhZAjb7ZUf6bKcguKdbK7Q==
ETag: 0x8DA22AE730EED66
Content-Type: application/octet-stream
x-ms-request-id: eb971f0b-701e-000e-72da-e81401000000
x-ms-version: 2009-09-19
Content-Length: 41447

GET
H/1.1 200
OK 7567e009-f61f-4e1c-8c34-242486fea66f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 41 KB
41 KB 191ms
191ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7567e009-f61f-4e1c-8c34-242486fea66f.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98818d35d4c98fa17afc5b59d080fefa902ea8c8ca10601591eca13b65f6c2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Thu, 06 Sep 2018 10:40:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: To0fuhJLweIrSpXMhl/zoQ==
ETag: 0x8D613E52A15A6F8
Content-Type: image/png
x-ms-request-id: 28713b22-901e-0006-48da-e80e0e000000
x-ms-version: 2009-09-19
Content-Length: 41756

GET
H/1.1 200
OK a3723c61-266e-4cf4-9883-4fa777a6455d.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 32 KB
32 KB 191ms
190ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a3723c61-266e-4cf4-9883-4fa777a6455d.medium.PNG
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6a644bae263fe0b6f0db2237db0dd4341f43b107e3ea4b99d1f0b1f615267cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:28:24 GMT
Last-Modified: Sat, 01 Dec 2018 06:53:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZdupdJtvRt7oZncVZtHUYQ==
ETag: 0x8D65759BA579F00
Content-Type: image/png
x-ms-request-id: 367044a6-201e-005e-2dda-e8d651000000
x-ms-version: 2009-09-19
Content-Length: 32468

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 124ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 394ms
394ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2034772372501708&correlator=4131533200588784&eid=31068458%2C31070528&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cnat-external%2Ceviesays%2Cfrankly%2Cwpgx&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=7&adks=589688313&sfv=1-0-38&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747703748&lmt=1666747703&dlt=1666747701877&idt=1542&adxs=1190&adys=823&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=1269501530.1666747703&ga_sid=1666747703&ga_hid=470374839&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d021dba6eb9dd539de12069c42238c96535a681f9d7fc62fec5e0a10c893f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8161
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 113ms
38ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 110269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:34 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame 08E3 221 KB
61 KB 166ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 10:05:17 GMT
age: 141787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 10:05:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08E3 14 KB
5 KB 230ms
102ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 116342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08E3 94 KB
28 KB 244ms
116ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 116342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08E3 72 KB
16 KB 256ms
128ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d155725fe88d694620d079e6e05f63984d946ce379b51e4479b484e3081059

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 10:26:23 GMT
age: 140521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16673
x-xss-protection: 0
server: sffe
etag: "ff7b504924452205"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 10:26:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08E3 5 KB
2 KB 234ms
106ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 22:59:37 GMT
age: 8927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Oct 2023 22:59:37 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 08E3 40 KB
13 KB 237ms
109ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 116342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
DATA 200
OK truncated
/ Frame 08E3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 122300354c22712f0200bdf16f73af2490bf28e23bce0b82521160c8373fd262

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08E3 2 KB
3 KB 127ms
40ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 56911
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:39:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08E3 295 B
399 B 127ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 56920
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:39:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 08E3 0
0 134ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREjK93hKQwE_a9nLmqFLHM_S4nxSnrMJI3Rmc1hXG0uwkr8wzcJW5jzyMmeWpmc-rRA87M8x_iEO7Beyo04qaYFMHGMw
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 08E3 0
0 87ms
87ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CR5ekN41YY6-gJc6s9u8Pr7WIoAqe0K3_bM-wkeCvENHzzMX0LxABILqI-yVglbqtgrQHoAGDhaq0KMgBCakCteyflY-3sD7gAgCoAwHIAwiqBPcBT9BSoh0ZEXF-NQfWgheDTCHsEIcZ786otqePi-NgVgjCXEWsQEXieqE7bXDRP53EvnL3RT3w84vyqOy4BztySHYqks4yyOVzbM89Ci3Hu-IfgwMrGnTp37okq70UdHR62jCaerRFEEUTSSKpjoISyXlVoFtDozRQ_OpkJcGW-mIYbDvZUy7YFeY__5S7q2wW1bocR3-awqnif0J-HA9lPnCLkk6IuaJxvVnyyAmbHsSxOWtGtd_kYdZBvbnwuVNYWBnA2_G6Wjv-stXmbS6a1YwRn6KnY3jXX-bwGNRxh3C9DmPiMO_pRv3VDUOaC6qLEuXfPWtmuMAEvoe-vZ4E4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4O9-pMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQkqMg0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAzgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTYwNDIzNzM5NTEyMzc1MDIYr_oW&sigh=fXul0wdrW-8&uach_m=[UACH]&template_id=419
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 08E3 43 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05005b26212e41e691f2d58ec6123c168a8e7806d52644c9b24df26a38a12ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 container.html Show response
3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F714 6 KB
3 KB 114ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:23 GMT
expires: Thu, 26 Oct 2023 01:28:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame 5F19 221 KB
60 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 10:05:17 GMT
age: 141787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 10:05:17 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 5F19 14 KB
5 KB 177ms
99ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 116342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 5F19 94 KB
28 KB 181ms
103ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 116342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 5F19 5 KB
2 KB 175ms
98ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 22:59:37 GMT
age: 8927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Oct 2023 22:59:37 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 5F19 40 KB
13 KB 168ms
91ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 116342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5F19 8 KB
895 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:55:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:28:24 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5F19 2 KB
2 KB 126ms
45ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 56911
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5F19 295 B
319 B 124ms
43ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 56920
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:39:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5F19 0
0 130ms
49ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtEaIlOD30fU3kRGDyCWfYv_Rc1R_aqApCWjsqqoAqsJUIzj3jyKUITDFaDHNDoiuntkLr8GpprvL2hsJuM4JGDyIB6w
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5F19 0
0 90ms
90ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuO0aN41YY43nNuG5lQeqnInABIPWmoxtvIvKkZAO97e-z4gKEAEguoj7JWCVuq2CtAegAeaN08ECyAEJqQK17J-Vj7ewPuACAKgDAcgDCqoE-QFP0BZzlnuoXTZKl3mYoQQhdlPbLwbJEmVRo4NXNDwDyTne0IjsvYYiF10Kzwuu8lIJx83WbqaOPkbkMDrLf2zr0862HgpFER4Lv7_IOcfIdcimVp3gz9Zt-OYDeJuAKs22iq6mloAfImFFPgtzs_DtMUg8lr-fKOlkPwp1WqIE7Sj32PtKEd-WPsZqeOgYJDfb8kii-00IkXd3wZ0EJXR2FKN_QzPK_L2gNwgz5cuAsbYZAOYW_0D___GO2Osnx8eVfSN4UL07yrwHZFMUbFABuNu9Ub3VvcpyUUdQVrbtN-3quOwPO7SdqPnp6Zf_Qco391w5h6Oq34_ABPDMse_vA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeC8qy-AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOXwL9IIEgiI4YAQEAEYHTIDqoIBOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM4AKA8gLAdgTDIgUBNAVAYAXAbIXHgocCAASFHB1Yi02MDQyMzczOTUxMjM3NTAyGK_6Fg&sigh=ResrIvwkQhY&uach_m=[UACH]&template_id=5000
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08E3 2 KB
2 KB 134ms
62ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 56911
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08E3 295 B
319 B 133ms
62ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 56920
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:39:44 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12262642031620606190/ Frame 5F19 16 KB
16 KB 118ms
47ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12262642031620606190/downsize_200k_v1?w=400&h=209

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a6f9ba1d825fcb7d2c094b4af70e130befe3928107f7843a99ed637616f5a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:25:01 GMT
x-content-type-options: nosniff
age: 75803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16742
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 11:24:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 04:25:01 GMT

GET
DATA 200
OK truncated
/ Frame 5F19 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5F19 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5F19 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd1f06ab933d73d6dd182a9b80fcd0962ee2878eaa5a3340b1684c07e7449ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3EE9 624 B
838 B 138ms
48ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNUFpipPvXRJkxxb97W9t1eq30ECsMry-2z1z47BxkEyTh7ppgnT8r-OTVyx5Nhqe1TjCBda2cYKhKUPfqbndJdjQ3TmAs8ZZeJVVcPm4rEZWaCVnkJSsX-G7KnyW62_4AYCmfENBr42Vo26wkSuhSyEqwYVZz00otjacs5eLSqj-ZB93wo

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:24 GMT
expires: Wed, 26 Oct 2022 01:28:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F714 80 KB
34 KB 201ms
112ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2ALGSIFnu1XPF8_z4igBqybfHd5XS8_0_M_165hBgS-dL-A6NzKPR_zT6jkfJ6Z7UFqpB47a059HE9RSE-G1EhMZZwQ&cry=1&dbm_d=AKAmf-CFEtqS0BRidZN3cZnNkHbKLLKZELye4UHzr50fplTm90gAon15KaYxAv-UH8pq0kG0nB2pzQof-XGycIXQfOfxGbxtI-lVnARN7sbMbdHVNNye7agKGr0yWl-t-JrAKu5N01e1mOdP1mwZTmtVnKLzUT9Zabny1fTU2VZQ2YqLMq91gtSolu6fVUvkTZJwbuM9mtTgqfbAlhGaX9gC63zGYZPhhSp9-I8kHO6v8CEzEvdyLbjqk6E-LHAHtljxzOagCc-QwNNXOYnoVLHcZDFBRuMJZRUwtl796Y7FBXgUOli8o_U7YFr1paES9hlyEwCIGq-HFxddoBMZqbXqTh2Viem8723ahl6XYLd6gBuutEtfZ2_V2zF6_8XzpyWVLYvUXQtqgpH4dwWo-4rETnmVqTIsOfXmnbMVXgd160le-Z5Wk_vKobYdqdrMY7IEIVx3y-e9b07QfqcJYgnuP9AKstCcs-9nwb3VyA4sxMWjEQiGmVMswk8XJYl6pBluhmT4JuCY3zA6WSH5wQm1PphYmo6C7ZcTy5tY_Xt74uWs6Wc06wx3XEmoun_FXevq5NnDibo1H5A8TJSV8ygcbIgd7aqUbRAm7P6qTFkLMjYuyBWwRii-VWJ2c3cS7qmgriaRnHnKETfFMMSGbjPbz0dkPrUw7qWh0vrdmahL6FucBZ1CoNxZZmc3050NIpwrQw_NoSjEC4SITt5dZtDsMBtZp7FLNPSQZ9QTOpoiu3ENSfy22s0s4TTgyaURQ6xK_-Py9blQJFkYav9Thcsw6IZK-yv8A14zQajaJQQiW0Ox23Mk3lAGVic5tMltz-kSIn_rVDTvPChO4fgppapcbLJazuYzM9KZiZSXkq7hwxkfFQh9ygarJdqv90r6I3WXrxgZaxHeA-ennF_i41EUIRsEjl8OQP14oaR7Kry_9O-aAdlBmInAImQJCMGSnuDV1NEuIUCR05TI52M56BqiMBGT1_jh3RTOYk_Zw2_4JeGvt9-WN4YV3D89kObcrwJCo_4DhesN3mtDbvxem40oVAHIp6BRemTfCF-FcATSPNEqWlNU8jucNc8zmdqia_P_E1wBPNTWtBW4AlBnkOl1r9pmswPJ-_7rNLe1yGokFoogXRyNV0ZiR5unDvhG0iCLbXailqfPgeXFnb4aH_1N3zlN41hMWQqWzZWiWvYFpvYWsBzT4-GEsgBzlMKmDst8ORg10pe7dkzySrdraohm3v8K8hsd27Kzd7THfpZea2n-rNRMEoQwILaHf9ymOuxBEA7ETBokljqeKVbVQhRHa7LRmnSl0u7W_r6On8Do90aP4fse-YVarmHv2cklgM-jch0uOHMm6Bs328_xKf79UBbPi4COER8YYRsdo-AjRKnqpJ2dBS-bhuDEcmcvad8iNQDKw87G6WSGD40yR70FYjKcU-joye4gn45BSEaHl8QD42AeZamXxwK5fLQ2YzawWN6w_F0gXU71HoT5fCrQR1YldQNg6Q-TIsKHKl3-JYjQ3_U0-2GXNBh2GPzKWITcDKVpaRyhUh_jJe0-V79In-CFucfNkXYcVi4H-eyRxReJcSOhp_o8xHMpV7RmHopN5-CYCsaiduyFm728w1SxEvd6yxn5ouwkyzqoVzR-aBIUaokl6wl6OzoMWsp1dClDQ0sAvhHNBRiJLo3AuXuor5lDgwN9aZ2piFRovwzh7IhVwwZnWMMtyqTqF1NEVxRC5UEMw7CO7-0hgSNH2h5vg0PTzEO0fXi_zCtiQH0VXPCl3fWSFuk50aifaIcGUK4gVpX_Ea9eh7F-PJK0pbkTCY9aoDKZrQtUJitNakgaFg9_NTwHT9hB-NCyASUnJSPzN7tfrxqO8NxzB24WO-YoNDehv5CHA2OZ99MObsO3GwZZNF27gAaMTf-F2ot5JTO7JfUsLFYRMMAeTf6zMv7H4eAza3OOjjbyMUNz9IZElBnsXcxXnUClPSENiaj0UQ6JSJkPmThbv5n8lX9_XYxNbEQKUuc8qCT_w0B_MVXoGvRd7QR2XzNfs5-UKLJgVUMXaM3Ssro4C5-Xf3q611LX6TvZ1rjoMevyuLuEz7KEc04YdaaBbJb4HQBhyaXZWsxnvNSYI4bX7Ji9vHIpSp7-yLZLnLRP7O0AulXJg8XQF4h68KH9U5xMymkGXWD5QY1Nd3dblyWXqJs9WuH_FT7LTy9WDTsym85TH7G-KQONUVnfwJoF-H3PRmoBbxudueONGMC00rRAVnbDj5HdqRTYe4B2aheiiFVDtrAkRV0xqtBrKpeLr6zTLe-ueE2yezBIyBz-nUp0WLqFrhqiFn57A3mlv1iZymidfn0QMFuEX8sBRguBuLv37gaj6-_61CCm3l1whJ0exyPXWmpTRTXPXV5KQSP9rT6CYguB4wADvL5qIvSrpVOr2Jm8Kp9eTXMr83E4Ey3vrm3DSaUiIbZ5rfQVq19Ey93_sWpbgPzoVTXubIKou-a53ZLiO8bVwvp9_Y-xMH2XHVP6yGihl_hj5kRyhkAGpsY3c2B6U6AMvlStoonyutN__-lSgSQ4RQ8s46Ky90o2lu1Zi1RzHBEt36OFwYBOCgvhRtJtLXKuOSaPJ7KXh0gpVatZ3W7VQ97iSmN13CnTCRByApR7bj96_baEBy468J7-1SzjSqewWspWjayfncK3ke_Oe2hOwnrSqwEaJDEoYrEubMpMC7_IzBtHS94eHT3bGoul3qH9GT6nc5ATqx7unVcerh1k70YwJVD2tiaQMiWIVHLOeXyVGYx63ckL8yUbrn8bWK-t8LeLD64Vi85InLYmmyi5xQFmRJ0UyIgeWGYx8NoFVcx3mLZoVNkq1FTSQu9hgEixPKz7U-uXVl5AUs_O9oZp_IY-8FbjRPzfuIxBZAlVvKz1-MdfpkRta6Vg3kwSOVb1WLDIZCXiEtV9LmA8M5u5RI1cwzl6hm-QWc_2o5iiC2ygw6szV7VV7Ppkhg7kLEjKrQ4bkZgv22LD7LMGGuvg-Uq186Ihm00b3JDMMwgWRcA6Axu-U0VcmfWdiyvlqYtYKJQLNoLtuJmx8ZgOQLesFN9t7-XE2pJClmGNFOdkJLjf1W1DiPUaY-PRxmCUIaw1DQiiwaqBJkXgqFLVoMIf2ziPnHGE4_xfVHy2uYbHxWy7e8og2wn9-F6bITYVkM5BO6ihLRc6hllWK7EmNtKMRyxPq8S80URk4zJUC2aGm9ZFl84ItLVTPBo1xYp8s2p2P3b_fmJ5KCXCtl_2FvHbxbdz7vo-O17rIdiucsnc9WjO2dy7mSpXCtjE7EiQXvbWbWZIGUnLJK4&cid=CAASJ-Ro7keFjN6b2vjuINRHv_yhHg4s5bFYA6ujobgWYEyh-lzC2AphLA&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789873a67a7546a54d84da02ff5d90b953a958287a07aa34bb501d0ac0c0545f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F714 42 B
494 B 163ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DeWRAUAbEH9qwypqH-vqeDxfCNXlNtx5JavEwpcq9dTh6Hl1CTjQbi0WpPZOpa_5XNr5SI2KKPjvAt2Pe38lLsvjejvSRMnUYPQ5bNgi5AsKjiffM

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame F714 3 KB
1 KB 89ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 20:16:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame F714 17 KB
7 KB 89ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F714 0
0 100ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiQQZ0Rm5JXw6FbOKOSuwLIR3IlejID5VFeiHOcAGFL-XwXzdVcNuIoCOgdB5L8HutEOCc8CTUzMUAyvi4lPcyMaI0Fw
Requested by: Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F714 152 KB
46 KB 140ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:28:24 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5F19 28 KB
28 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 578620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 08:44:44 GMT

GET
H2 200 1HxTVSN.png
ngw-static.franklyinc.com/assets/10763/ 262 B
475 B 55ms
54ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/1HxTVSN.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3C42FJ7B67KJ6S
age: 3416
content-length: 262
x-amz-id-2: RAu3cGvazSuqPlERVlGJsvxzzGQXHsGCEyRrSn0nvvqjle0mhNzILekE+LFodM2ETRLVdptTkkw=
last-modified: Tue, 05 Apr 2022 19:24:06 GMT
server: cloudflare
etag: "b3275baf43d3a9e28ba8e1856b5b342e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a40dee39bc4-FRA
expires: Thu, 26 Oct 2023 01:28:24 GMT

GET
H2 200 qX7G0Ix.png
ngw-static.franklyinc.com/assets/10763/ 267 B
438 B 48ms
47ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/qX7G0Ix.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3F5YE4ZMKDFYJX
age: 3416
content-length: 267
x-amz-id-2: EizK6kXcnV0q4QzB8LAh2R/VU+zlvtWe2LMX3A/bnJ3jwHMopQJFz6g42NqrGGwDD8zA8VNSpiY=
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
etag: "7c93283255679646ceb48b0a09e528ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a40dee59bc4-FRA
expires: Thu, 26 Oct 2023 01:28:24 GMT

GET
H2 200 ENmisP2.png
ngw-static.franklyinc.com/assets/10763/ 262 B
480 B 48ms
47ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/ENmisP2.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
cf-cache-status: HIT
x-amz-request-id: 6BV8WJ991H96G6SW
age: 3416
content-length: 262
x-amz-id-2: EBvmYWtNVJCP+964cdFEFK6cjWfab2wPlceuhSgCrIn8QSy4gD8Uz3fGP3VkB7BtPt4ygL8c7Fo=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "2181a1a027aad6f2c0a77442ffe37662"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a40dee69bc4-FRA
expires: Thu, 26 Oct 2023 01:28:24 GMT

GET
H2 200 2LRxrU9.png
ngw-static.franklyinc.com/assets/10763/ 267 B
493 B 49ms
48ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/2LRxrU9.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
cf-cache-status: HIT
x-amz-request-id: YFGYRDPJ8ZZ5CWH5
age: 3416
content-length: 267
x-amz-id-2: N822lvVeWfP5ByD+BZvmDjh0/m1lXWTB00WZxUqXqxPZ0zB2NqgRXQtZVUxjvauQ5C9wM9ldge8=
last-modified: Tue, 05 Apr 2022 19:24:07 GMT
server: cloudflare
etag: "3539134c74c2fa207b851387b14bf8db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff6a40dee89bc4-FRA
expires: Thu, 26 Oct 2023 01:28:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3EE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1&C=1

43 B
766 B

70ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNUFpipPvXRJkxxb97W9t1eq30ECsMry-2z1z47BxkEyTh7ppgnT8r-OTVyx5Nhqe1TjCBda2cYKhKUPfqbndJdjQ3TmAs8ZZeJVVcPm4rEZWaCVnkJSsX-G7KnyW62_4AYCmfENBr42Vo26wkSuhSyEqwYVZz00otjacs5eLSqj-ZB93wo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3EE9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iNOANsys8oSYl5GipXuwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1

43 B
766 B

39ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNUFpipPvXRJkxxb97W9t1eq30ECsMry-2z1z47BxkEyTh7ppgnT8r-OTVyx5Nhqe1TjCBda2cYKhKUPfqbndJdjQ3TmAs8ZZeJVVcPm4rEZWaCVnkJSsX-G7KnyW62_4AYCmfENBr42Vo26wkSuhSyEqwYVZz00otjacs5eLSqj-ZB93wo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQqtwbNcDzuUp4XOTgacRQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3EE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB5muNsOUh3PnK2HMe2Hf0w&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB5muNsOUh3PnK2HMe2Hf0w%26google_cver%3D1

43 B
1 KB

69ms
37ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB5muNsOUh3PnK2HMe2Hf0w%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNUFpipPvXRJkxxb97W9t1eq30ECsMry-2z1z47BxkEyTh7ppgnT8r-OTVyx5Nhqe1TjCBda2cYKhKUPfqbndJdjQ3TmAs8ZZeJVVcPm4rEZWaCVnkJSsX-G7KnyW62_4AYCmfENBr42Vo26wkSuhSyEqwYVZz00otjacs5eLSqj-ZB93wo

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:24 GMT
AN-X-Request-Uuid: 609fe429-fbac-4528-8890-4dc7e40aa7b1
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:24 GMT
AN-X-Request-Uuid: 6e5aa0d0-90e2-4a5c-9ab2-ab5d45b8e1ae
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB5muNsOUh3PnK2HMe2Hf0w%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3EE9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5ODY0Mjg3MzE5OTMyODEzMA%3D%3D

170 B
188 B

86ms
57ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5ODY0Mjg3MzE5OTMyODEzMA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:24 GMT
AN-X-Request-Uuid: 4b472903-4ffc-4b0c-87a0-7563211354ff
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5ODY0Mjg3MzE5OTMyODEzMA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 655D 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:23 GMT
expires: Thu, 26 Oct 2023 01:28:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 390E 640 B
318 B 127ms
51ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNWPlmq-2ylh1A_6AU-BUJQW1Zg7hyjNWlBfYU-KARSZNuwbKhfXu43xv80NgPfkeBmHb22iE9cKmGKgMCgyP7ZCNKhl6RokHnZ-bbvdqSI5ul_rlnRMPO9yUsEuQU5aS7iIWUtwR2OJ00NTmqoau_bK1Qtm_sokPmIoULBvX7Wk_1YbKg0

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:24 GMT
expires: Wed, 26 Oct 2022 01:28:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 655D 23 KB
9 KB 124ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 17:55:58 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 655D 6 KB
3 KB 135ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:59:26 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 655D 0
622 B 194ms
83ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsscIh84lTfDloQDNWylqqROwJidcaV_T0XAI79ATOlAW0TWXExNxSP0t8N4D98AlGEsAAkJKxqMTrN7vl1DDtgk9WaF1Xq9IX8h_r98YlndKS-kDuxioVtkAxBXE7kBwxzNj26PWEFphIvDLGAP9AlX0v1cpKoUAqcA1s2b1PNOCS6YfbWtxLk8jyXYFb67nhclsnXv7mt-OQ6Chw2RvkGk_7mBZQAwZ9i0jmoXUHiT93Kn-PHLJVmhfxDmhs3dKzj5tvVqO_wc7C-XjAggov4QGlwBG-54MV4NlxqtC2ZjcL8o8116uM4etYW7apLaQO0uJZMskkVRNYZVstspFm85r_FULYOs2metATDcB58o1sl0Jx8FVzMC04Uic9pwK-lB1NgtmC4ZExsj3Lz1Mn80wKc8vezd6lCXkqOCtfMxZwpShdKTMDdRCfpCNL0lOky3gKrwqPuKe_hGr6ryaluRAAc6ZepFYfS12YQYb3rIUF88oHy8XiiGsJWMJN-IUMATjAa0YTGInOTXWWIaBaZg8LBdWa3SQhYmcA2s1soE0oeJ0eyFyFvV3MuXkzWx1tn-OIhzVmw3qIMMSLF8bDAW2irUeQZeZ2z-SkHnpiJplVolpQiHupP42epop3tlZtmWH6ZB_mMh6Ofn5p8SVqIU_016PmoF3p5Bm5eZzKeqYD_T00bs1CqdPTlKKifBpzQv3HPC_5Prq9r8P-wItz9GMhErOwjh_g8sWDIsYmURh4Az3B7KGdERemZHHDFPELsakwKtgj4abp-CWDtMDqm9zU0zsxJlkAOB9yZSvrYGFX3GttusH0YwYkcS1ZJGdcxNkQx-ty2DI1FovxHRgZpd_GaN1VDH0D5DDyMz_tHoVb71bQ8uTBcVUrVob5hHsCVtdh7N2XqIiRlB7JmRVtEW5eYLcl9S5d-TBe-3hIr1IdGcr6jYFK_MEoOZ2G5SVzLUqNzMup24yckxEVlM8rOrtNfeBfE6WmG479Ay6toBZi4HoRmoaK1aPaohmQPYUqynMLlkYHcvRaRIRjRNra07vwI0Ltf24FzALQ3JekOBDf-ZwvzK-V7iC621LZnb78pQlwMSqsn2rhtukY_wWFLjek2Qi1K1b1S0cGIrltzAZ00WtNTrrQdBP5WAHiSmReb7Sah1nbj1IkY_cEkpoq13rWboQF0akKWIT-3BTCrQuHJOL0JQvQ6SJCLHEK4fa97Mk-hchdWmiD0vvOKJud0z37LCh4Z3xwy_OU19em9uOn-uEePsG6a9rUOAmyDcn3FE2Tdjsw&sai=AMfl-YT5IkiMzw5APj7s5bmqQjO8KrrQIZXP0PVXMsgMcm_uHzV7pPhH_l1eP0P5foPcph4tvVhFs_WSdopcsufs6gEzrbh32Md-AUaTmGo9sfjdV8i3aakmUd-SEj8kspOCPgFsuY5wiM85u7yaKZ9bjqzdUd2PogiZd6rEU5VEvicUfgo2pYg5gv_8y22Y1wJ6Iv_nkMFSFuIFGQIxATrcSB9W3QbLa1YswWUlx9aZP5rdN2dcZta_8TdsYE8s73QUbVLnbZdD7Sg89wpqk87huTKZhHJQJsL36J8f_yR4LKc7cev91V0WfyxMK3NLd9bl7Ok6ERaQ6dMH6V-WhU1rAknSH03cCGgjgvQrkIs0t3_2EwLa7Xt_R5ByksqNhMAKS7cAQN7OeD4KWacKYseirTrri_Ga&sig=Cg0ArKJSzBglPmQsEJH2EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221020.65275&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 655D 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:50:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 655D 42 B
63 B 145ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsovLRIkAbaUSP_ydnu4FDNkrfNcGO9inqB0BGupfNjj1mJOkqE9alkycCkplVXUF5iPpAHxh9xyW0cQsZ3rGHOgMEYJu_Ksm1DmG-ik_esgSFkLI

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 655D 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 20:16:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 655D 17 KB
7 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 655D 0
0 50ms
49ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4x1d3gbU1m5dF8Zdy4IhzVl4y5d0bGXA2ad7SPaDC4Uq0XLCHiGYiSunxC7_q58g_-4cvNydL-1phAwIahzY65dPfFg
Requested by: Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 655D 152 KB
46 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:28:24 GMT

GET
H2 200 10339273490624487321
s0.2mdn.net/simgad/ Frame 655D 40 KB
40 KB 150ms
37ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10339273490624487321

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1aa5c86352e48d6415ab98b5bfc01024bd68462615cc0793d90aba2e07533ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:59:02 GMT
x-content-type-options: nosniff
age: 59362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40685
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 12:38:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 08:59:02 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F714 106 KB
38 KB 147ms
37ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Origin: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame F714 8 KB
3 KB 126ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2ALGSIFnu1XPF8_z4igBqybfHd5XS8_0_M_165hBgS-dL-A6NzKPR_zT6jkfJ6Z7UFqpB47a059HE9RSE-G1EhMZZwQ&cry=1&dbm_d=AKAmf-CFEtqS0BRidZN3cZnNkHbKLLKZELye4UHzr50fplTm90gAon15KaYxAv-UH8pq0kG0nB2pzQof-XGycIXQfOfxGbxtI-lVnARN7sbMbdHVNNye7agKGr0yWl-t-JrAKu5N01e1mOdP1mwZTmtVnKLzUT9Zabny1fTU2VZQ2YqLMq91gtSolu6fVUvkTZJwbuM9mtTgqfbAlhGaX9gC63zGYZPhhSp9-I8kHO6v8CEzEvdyLbjqk6E-LHAHtljxzOagCc-QwNNXOYnoVLHcZDFBRuMJZRUwtl796Y7FBXgUOli8o_U7YFr1paES9hlyEwCIGq-HFxddoBMZqbXqTh2Viem8723ahl6XYLd6gBuutEtfZ2_V2zF6_8XzpyWVLYvUXQtqgpH4dwWo-4rETnmVqTIsOfXmnbMVXgd160le-Z5Wk_vKobYdqdrMY7IEIVx3y-e9b07QfqcJYgnuP9AKstCcs-9nwb3VyA4sxMWjEQiGmVMswk8XJYl6pBluhmT4JuCY3zA6WSH5wQm1PphYmo6C7ZcTy5tY_Xt74uWs6Wc06wx3XEmoun_FXevq5NnDibo1H5A8TJSV8ygcbIgd7aqUbRAm7P6qTFkLMjYuyBWwRii-VWJ2c3cS7qmgriaRnHnKETfFMMSGbjPbz0dkPrUw7qWh0vrdmahL6FucBZ1CoNxZZmc3050NIpwrQw_NoSjEC4SITt5dZtDsMBtZp7FLNPSQZ9QTOpoiu3ENSfy22s0s4TTgyaURQ6xK_-Py9blQJFkYav9Thcsw6IZK-yv8A14zQajaJQQiW0Ox23Mk3lAGVic5tMltz-kSIn_rVDTvPChO4fgppapcbLJazuYzM9KZiZSXkq7hwxkfFQh9ygarJdqv90r6I3WXrxgZaxHeA-ennF_i41EUIRsEjl8OQP14oaR7Kry_9O-aAdlBmInAImQJCMGSnuDV1NEuIUCR05TI52M56BqiMBGT1_jh3RTOYk_Zw2_4JeGvt9-WN4YV3D89kObcrwJCo_4DhesN3mtDbvxem40oVAHIp6BRemTfCF-FcATSPNEqWlNU8jucNc8zmdqia_P_E1wBPNTWtBW4AlBnkOl1r9pmswPJ-_7rNLe1yGokFoogXRyNV0ZiR5unDvhG0iCLbXailqfPgeXFnb4aH_1N3zlN41hMWQqWzZWiWvYFpvYWsBzT4-GEsgBzlMKmDst8ORg10pe7dkzySrdraohm3v8K8hsd27Kzd7THfpZea2n-rNRMEoQwILaHf9ymOuxBEA7ETBokljqeKVbVQhRHa7LRmnSl0u7W_r6On8Do90aP4fse-YVarmHv2cklgM-jch0uOHMm6Bs328_xKf79UBbPi4COER8YYRsdo-AjRKnqpJ2dBS-bhuDEcmcvad8iNQDKw87G6WSGD40yR70FYjKcU-joye4gn45BSEaHl8QD42AeZamXxwK5fLQ2YzawWN6w_F0gXU71HoT5fCrQR1YldQNg6Q-TIsKHKl3-JYjQ3_U0-2GXNBh2GPzKWITcDKVpaRyhUh_jJe0-V79In-CFucfNkXYcVi4H-eyRxReJcSOhp_o8xHMpV7RmHopN5-CYCsaiduyFm728w1SxEvd6yxn5ouwkyzqoVzR-aBIUaokl6wl6OzoMWsp1dClDQ0sAvhHNBRiJLo3AuXuor5lDgwN9aZ2piFRovwzh7IhVwwZnWMMtyqTqF1NEVxRC5UEMw7CO7-0hgSNH2h5vg0PTzEO0fXi_zCtiQH0VXPCl3fWSFuk50aifaIcGUK4gVpX_Ea9eh7F-PJK0pbkTCY9aoDKZrQtUJitNakgaFg9_NTwHT9hB-NCyASUnJSPzN7tfrxqO8NxzB24WO-YoNDehv5CHA2OZ99MObsO3GwZZNF27gAaMTf-F2ot5JTO7JfUsLFYRMMAeTf6zMv7H4eAza3OOjjbyMUNz9IZElBnsXcxXnUClPSENiaj0UQ6JSJkPmThbv5n8lX9_XYxNbEQKUuc8qCT_w0B_MVXoGvRd7QR2XzNfs5-UKLJgVUMXaM3Ssro4C5-Xf3q611LX6TvZ1rjoMevyuLuEz7KEc04YdaaBbJb4HQBhyaXZWsxnvNSYI4bX7Ji9vHIpSp7-yLZLnLRP7O0AulXJg8XQF4h68KH9U5xMymkGXWD5QY1Nd3dblyWXqJs9WuH_FT7LTy9WDTsym85TH7G-KQONUVnfwJoF-H3PRmoBbxudueONGMC00rRAVnbDj5HdqRTYe4B2aheiiFVDtrAkRV0xqtBrKpeLr6zTLe-ueE2yezBIyBz-nUp0WLqFrhqiFn57A3mlv1iZymidfn0QMFuEX8sBRguBuLv37gaj6-_61CCm3l1whJ0exyPXWmpTRTXPXV5KQSP9rT6CYguB4wADvL5qIvSrpVOr2Jm8Kp9eTXMr83E4Ey3vrm3DSaUiIbZ5rfQVq19Ey93_sWpbgPzoVTXubIKou-a53ZLiO8bVwvp9_Y-xMH2XHVP6yGihl_hj5kRyhkAGpsY3c2B6U6AMvlStoonyutN__-lSgSQ4RQ8s46Ky90o2lu1Zi1RzHBEt36OFwYBOCgvhRtJtLXKuOSaPJ7KXh0gpVatZ3W7VQ97iSmN13CnTCRByApR7bj96_baEBy468J7-1SzjSqewWspWjayfncK3ke_Oe2hOwnrSqwEaJDEoYrEubMpMC7_IzBtHS94eHT3bGoul3qH9GT6nc5ATqx7unVcerh1k70YwJVD2tiaQMiWIVHLOeXyVGYx63ckL8yUbrn8bWK-t8LeLD64Vi85InLYmmyi5xQFmRJ0UyIgeWGYx8NoFVcx3mLZoVNkq1FTSQu9hgEixPKz7U-uXVl5AUs_O9oZp_IY-8FbjRPzfuIxBZAlVvKz1-MdfpkRta6Vg3kwSOVb1WLDIZCXiEtV9LmA8M5u5RI1cwzl6hm-QWc_2o5iiC2ygw6szV7VV7Ppkhg7kLEjKrQ4bkZgv22LD7LMGGuvg-Uq186Ihm00b3JDMMwgWRcA6Axu-U0VcmfWdiyvlqYtYKJQLNoLtuJmx8ZgOQLesFN9t7-XE2pJClmGNFOdkJLjf1W1DiPUaY-PRxmCUIaw1DQiiwaqBJkXgqFLVoMIf2ziPnHGE4_xfVHy2uYbHxWy7e8og2wn9-F6bITYVkM5BO6ihLRc6hllWK7EmNtKMRyxPq8S80URk4zJUC2aGm9ZFl84ItLVTPBo1xYp8s2p2P3b_fmJ5KCXCtl_2FvHbxbdz7vo-O17rIdiucsnc9WjO2dy7mSpXCtjE7EiQXvbWbWZIGUnLJK4&cid=CAASJ-Ro7keFjN6b2vjuINRHv_yhHg4s5bFYA6ujobgWYEyh-lzC2AphLA&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame F714 30 KB
11 KB 104ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A4D 22 KB
8 KB 39ms
37ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 236751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 07:42:33 GMT
expires: Mon, 23 Oct 2023 07:42:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A4D 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 10:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 10:36:14 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 390E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYRl-NYzBsYXQCqzUcvgIE&google_cver=1

43 B
61 B

90ms
49ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYRl-NYzBsYXQCqzUcvgIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNWPlmq-2ylh1A_6AU-BUJQW1Zg7hyjNWlBfYU-KARSZNuwbKhfXu43xv80NgPfkeBmHb22iE9cKmGKgMCgyP7ZCNKhl6RokHnZ-bbvdqSI5ul_rlnRMPO9yUsEuQU5aS7iIWUtwR2OJ00NTmqoau_bK1Qtm_sokPmIoULBvX7Wk_1YbKg0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYRl-NYzBsYXQCqzUcvgIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 390E 43 B
304 B 132ms
46ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNWPlmq-2ylh1A_6AU-BUJQW1Zg7hyjNWlBfYU-KARSZNuwbKhfXu43xv80NgPfkeBmHb22iE9cKmGKgMCgyP7ZCNKhl6RokHnZ-bbvdqSI5ul_rlnRMPO9yUsEuQU5aS7iIWUtwR2OJ00NTmqoau_bK1Qtm_sokPmIoULBvX7Wk_1YbKg0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 390E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEAt73t1_4LFysDkdeJlzKkk&google_cver=1

23 B
172 B

67ms
67ms

Image
image/gif

2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEAt73t1_4LFysDkdeJlzKkk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNWPlmq-2ylh1A_6AU-BUJQW1Zg7hyjNWlBfYU-KARSZNuwbKhfXu43xv80NgPfkeBmHb22iE9cKmGKgMCgyP7ZCNKhl6RokHnZ-bbvdqSI5ul_rlnRMPO9yUsEuQU5aS7iIWUtwR2OJ00NTmqoau_bK1Qtm_sokPmIoULBvX7Wk_1YbKg0
Protocol: H2
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 01:28:24 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEAt73t1_4LFysDkdeJlzKkk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 390E 23 B
172 B 199ms
71ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNWPlmq-2ylh1A_6AU-BUJQW1Zg7hyjNWlBfYU-KARSZNuwbKhfXu43xv80NgPfkeBmHb22iE9cKmGKgMCgyP7ZCNKhl6RokHnZ-bbvdqSI5ul_rlnRMPO9yUsEuQU5aS7iIWUtwR2OJ00NTmqoau_bK1Qtm_sokPmIoULBvX7Wk_1YbKg0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 01:28:24 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 01:28:24 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F714 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:50:32 GMT

GET
DATA 200
OK truncated
/ Frame F714 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43e6c9037363a59716a82c7ca28495fbeb7692b6fd97854774ad491dbe4f62b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9206 0
0 78ms
75ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf0sMTUP2w79P4EYY41Rn_dK8mlwlMsRjKYVRNyMa3CMawyfwBmWDCblp6dGxZENASFHKQAEpDxg1j9TbFcEsnIhKiS8xeoEgOyqH5-AMGUsKUqyl8X6pN8dutVN2GFlF6oW19lHlt7wtW85wwq99_a6vfgJWfMEIcO3916LaeLND9T6kbHR2ibqoFNo7eZJkAdi4c8Gd-q6MNW893On7qwR6L6Ricafzo1BfPoOfgq93Bve04HYZSkOJYnrICd01GX7TYDv6yRhv7C494az_ICZOpKZ4NiEaE70kK_rDeUKiQaPr3oNI3-pYGDEtDelNQqHg0PClxHAvbKb_w0QWKxlIEkUAvjGRT38eW-fJVkCCY&sai=AMfl-YRQ1RsL9F8htJxuNt2k9imP0jg1IHDyGBTwiNPDgvG-41diE8GDSTzeP66MIOadUaLzmjOwhfxcJgflXQQNfd3QR-eIeaZP7muQfXzVjrbEusbZWz4LpDBhWSifAb6dI03-&sig=Cg0ArKJSzCwxiDJ0ZLJtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9206 3 KB
1 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 20:16:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9206 152 KB
46 KB 49ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:28:24 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9206 8 KB
4 KB 178ms
37ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138401092306&splc=/43459271/loc-desktop/wpgx/web/homepage&adu=21957163323&unit=728x90&btreg=6084843041138401092306&btadsrv=6084843041138401092306&ctx=19955922&cmp=DV451308
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:28:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 14:24:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80e87b37ebe6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 14941923498515493524
tpc.googlesyndication.com/simgad/ Frame 9206 37 KB
37 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14941923498515493524

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e2a7741be63f59de3c7649731a377fe6b2f4dafa1750a924811dd45f73a54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:22:51 GMT
x-content-type-options: nosniff
age: 392733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38310
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:54:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 12:22:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9206 0
0 53ms
51ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwlhmHGJTXJ5R7w3Ga6xMFQauu4FavHpR7rkMn6Fbm5dAj0g-ED9WCO7ZrjMxwpB4D2X9pfpX0PlQpw35k4HLTw-BVcA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 655D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b95c677f19a0451051a4c1f580f1d8fbba9f2cde9c706d252fe9cea9f5c28319

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9206 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c231ba82cf5db2d23f5a2be10573b98d2148444380e387e7ca13674ffce5c91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 655D 0
26 B 152ms
75ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F714 0
0 160ms
84ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrdlRjpUL1a9r29NsJEsUIURcw69wu98-hAn9jpJCC-5bi3oe2hCi1ZftUVCF2EROkMchDWZBk-Cck0LSJVpstTuR-YDbneneW1szSidTMWAjtngFX8_-wQ1y9Wfwz6cSg1YW8paie14-eEb4wnUo8bfb3JAEph43-aXzrz1hCj_i0Yz9WcUAzBDbANT2uj6JRjszxOTzvoCgqHhsHsqQBvRkotc5NFye6c2XXjRnKatEdzd31tOfBIElUF3cFDF0Xs1iPzpjopPvueXuApPY0VbhRblABo_wBQr87km8w_Gj2dr8EMMkeVb0uruKUT_StDkvGdwilBmDkBSerLKXOujLLIvfFKdPBdgTcGBgVwTChrHD5w0U7bAQlyp2D06y-k7BOjLB7XFxoi0M92ITtetLpURYvLW2W3ESmBvzlgg64LAQ3U_NBps6sHGgKHuLyaFU3OF_YZ3E4dR9Pz5WQPYgLJxPtom3kCnnZ15nRHMysaPVUDlDFvcHK2u2ezzbFnxw_Oryf51iDUXhMT7byqLhBVSJob6reRf8Ea6lDh-C28hWdNXWgUxGyuzWa53GN2cOqePO7x-YnYY1dfLaFvKUSEymvLFycqLnfWnBES8D2BT_vQAX2dPLJFX1OnY_itKEBPvt5GSX0OhNSGPJ0H7rhLuf9R8Ld4tf3P-88GwJ-nbCH6hRTaXNdMWeTp_ZfVKa5EMt0RQc4UH42fAjWVo-yb9QxIsjbPhXXehyPOGmOo3P7iwHeeON6e1qkLhGkiuz8-h6yWslxKxmA6UDP7DiJZTljzFU1NPQNlFC-AErglugVWmTbRG9XsAbuh4OY_-ddMB_dEXe8p5x6wHWSFOhlCUB6MZpNHydS-Zc8J6iatSvDvIwz7gwsT7Xs0o6KPiqQg8lcg7BLwPV-CyaPgCmK0rJARsq4H_91XEPMd5VBsLE0VSHYOrhDSwM62VfnK4ir3yvhQmRG05Y5jobU_cgqaNJiQLTviKGyj3TAobm04N5-KjUO6zYUGahj3yLK1qyV3rVLhqTdJ48OxcAWWKwJIdDMitPfbG5CDOs08jGdcjDkLd8H9YYtrO1W-fCPJz8o0auoJi7T0OblHtVGgThRLGG4xA25UVgraxzH-_3I85ajDUvAW19QPob_7p64T7EqyTysfe_PRX-dcWCEtsjEZ0PC-kDElhBeW2dzSqpPF4bhvU5QF-acEzrt8PbFmM-LJpP0-5QK8dKHeCcUXUeJBD72zw1uefjITLPkRvJggvJSDVmO4vFUoPjujLi4Thk&sai=AMfl-YRNHtTgLtVVfnhpdr0R8HbQuOHc_fXSibWvsUr2ZOp5fWw9B4ol0c8CsHbklSqnJ5ij0ZHupeP84xjxB64Kje_CDBuwfdU9L1aXaL2SS3AYJXczaD3SyizuEuZD5Ixe4o8P3FfK8gh4YTfo-O7kJHOz8KkFr64Ut7fhcj5CtGy5Cv2HPtIjovk5zN1wQxgIvTJun29fFS76TRp4va-jpBgH4C2XETVbivz4&sig=Cg0ArKJSzEEFnQY8mzg6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cisv=r20221020.66151&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&ftch=1&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:28:24 GMT

GET
H3 200 11373311131601781821
s0.2mdn.net/simgad/ Frame F714 14 KB
14 KB 115ms
38ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11373311131601781821

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df3068434ac581e45c5c916c93166ed2d95a488e7d66e06707239a37ad6f26f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:10:45 GMT
x-content-type-options: nosniff
age: 37059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14278
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 09:44:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 15:10:45 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 349F 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 236751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 07:42:33 GMT
expires: Mon, 23 Oct 2023 07:42:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9206 0
0 149ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBbc_M2Dr7npqT1OZllBvL6VYOU_5eLL4vqKerrMDde0hi1C3eO2JcyQGxqL8NKojq59_WBnjP8_11UG1AswGqPqfJIRMw4vJHUszEPj_wNa_yP3RpIN7HkJB9J7EDe2XdygztFF8SVFYyGK9lIiQChqe_93OkszzWxKniJ0npI35wsQgn14_j9H8glOToHCgdRflUKJzw9eRmpKxQZHm-EXGm6BJYRT3unU0lfqTMJ0MczFcUL5FGYYojmSzLX_SJVU6y1mmPp8XAE0kPvEEsRZVg_KvLFQuIGmJ_qMfkSs66kFGFV-aKYGPsisnWog2jL7EhWzy8SdVR_QVBb0ZKcc2W99-o&sai=AMfl-YSxLqfFP-TIJL8ERTJvY3-AMf8NgIeyzcSzIl8mAD6qxM3hhWFTbqrm8FJDCnSWSKrDjqahHbmNwh-a9haTrJ0yiBdVsfMxpX_Nhp4cWDzfrMp7VDPTUWgMFrYgPhm_ZS7D&sig=Cg0ArKJSzLyG4P_SmqCiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:28:24 GMT

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 349F 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 10:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 10:36:14 GMT

GET
H3 200 container.html Show response
3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BFE3 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:23 GMT
expires: Thu, 26 Oct 2023 01:28:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F714 0
0 78ms
78ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrdlRjpUL1a9r29NsJEsUIURcw69wu98-hAn9jpJCC-5bi3oe2hCi1ZftUVCF2EROkMchDWZBk-Cck0LSJVpstTuR-YDbneneW1szSidTMWAjtngFX8_-wQ1y9Wfwz6cSg1YW8paie14-eEb4wnUo8bfb3JAEph43-aXzrz1hCj_i0Yz9WcUAzBDbANT2uj6JRjszxOTzvoCgqHhsHsqQBvRkotc5NFye6c2XXjRnKatEdzd31tOfBIElUF3cFDF0Xs1iPzpjopPvueXuApPY0VbhRblABo_wBQr87km8w_Gj2dr8EMMkeVb0uruKUT_StDkvGdwilBmDkBSerLKXOujLLIvfFKdPBdgTcGBgVwTChrHD5w0U7bAQlyp2D06y-k7BOjLB7XFxoi0M92ITtetLpURYvLW2W3ESmBvzlgg64LAQ3U_NBps6sHGgKHuLyaFU3OF_YZ3E4dR9Pz5WQPYgLJxPtom3kCnnZ15nRHMysaPVUDlDFvcHK2u2ezzbFnxw_Oryf51iDUXhMT7byqLhBVSJob6reRf8Ea6lDh-C28hWdNXWgUxGyuzWa53GN2cOqePO7x-YnYY1dfLaFvKUSEymvLFycqLnfWnBES8D2BT_vQAX2dPLJFX1OnY_itKEBPvt5GSX0OhNSGPJ0H7rhLuf9R8Ld4tf3P-88GwJ-nbCH6hRTaXNdMWeTp_ZfVKa5EMt0RQc4UH42fAjWVo-yb9QxIsjbPhXXehyPOGmOo3P7iwHeeON6e1qkLhGkiuz8-h6yWslxKxmA6UDP7DiJZTljzFU1NPQNlFC-AErglugVWmTbRG9XsAbuh4OY_-ddMB_dEXe8p5x6wHWSFOhlCUB6MZpNHydS-Zc8J6iatSvDvIwz7gwsT7Xs0o6KPiqQg8lcg7BLwPV-CyaPgCmK0rJARsq4H_91XEPMd5VBsLE0VSHYOrhDSwM62VfnK4ir3yvhQmRG05Y5jobU_cgqaNJiQLTviKGyj3TAobm04N5-KjUO6zYUGahj3yLK1qyV3rVLhqTdJ48OxcAWWKwJIdDMitPfbG5CDOs08jGdcjDkLd8H9YYtrO1W-fCPJz8o0auoJi7T0OblHtVGgThRLGG4xA25UVgraxzH-_3I85ajDUvAW19QPob_7p64T7EqyTysfe_PRX-dcWCEtsjEZ0PC-kDElhBeW2dzSqpPF4bhvU5QF-acEzrt8PbFmM-LJpP0-5QK8dKHeCcUXUeJBD72zw1uefjITLPkRvJggvJSDVmO4vFUoPjujLi4Thk&sai=AMfl-YRNHtTgLtVVfnhpdr0R8HbQuOHc_fXSibWvsUr2ZOp5fWw9B4ol0c8CsHbklSqnJ5ij0ZHupeP84xjxB64Kje_CDBuwfdU9L1aXaL2SS3AYJXczaD3SyizuEuZD5Ixe4o8P3FfK8gh4YTfo-O7kJHOz8KkFr64Ut7fhcj5CtGy5Cv2HPtIjovk5zN1wQxgIvTJun29fFS76TRp4va-jpBgH4C2XETVbivz4&sig=Cg0ArKJSzEEFnQY8mzg6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=387&vt=11&dtpt=142&dett=3&cstd=387&cisv=r20221020.66151&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&ftch=1&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:28:25 GMT

GET
H3 200 Whereveryouradventuretakesyou-WHRGerman-Deutsch-300x250-638022878363958639-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html Show response
s0.2mdn.net/sadbundle/17933889851304706048/ Frame 8DA0 4 KB
1 KB 39ms
38ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17933889851304706048/Whereveryouradventuretakesyou-WHRGerman-Deutsch-300x250-638022878363958639-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a899e5cc1f47a105acb478a44a08cd5553fa49af2991ef1d7019dc09c6ffbdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1426
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 15:10:46 GMT
expires: Wed, 25 Oct 2023 15:10:46 GMT
last-modified: Tue, 25 Oct 2022 09:44:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 8F70 545 KB
105 KB 42ms
42ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:28:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8C2C 466 B
303 B 53ms
52ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNWdFvQbELQeagSaH66wwTmFO-WgQtTqFuloc4SonoTbJFXJejviE0amKjTionVBVJnROV8WxAtfkqFteW6PQ-6f-ULmccvTAbdQ5D5S56cggeTn7IJb_bGNqCqCwdZgf2AVo3xbvoHrO_oeqExRPdfct6lOFQQ7tanD01396NUFp6jjFRc

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:25 GMT
expires: Wed, 26 Oct 2022 01:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BFE3 80 KB
34 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxThYwlP3IEy-VZMJWFEMONjtaEpucEOUEWhnlXFmiNmpoYMnUg37r3YEIbdn3-enJGEJnd38XXdkYy3pKv4oK0NA4-w&cry=1&dbm_d=AKAmf-AhjE1FyfEycJ4ZLNYYST0vZHv1LD5jtWxdoqQtP6s9WQBm7WErdthTYSshGGbtA6O1aZN_M3Vi1cbLYNDyVOqvQP0uk8LwftWBx-z7TELqg8Zv-9V-5iA_xu3icthPkMdd3fDpwcd42l1j7z5LhCIbh3T4RF7bthXJMO6lG9nlhOAoWfHLSGNTCt1PZTwo7jTMHMEaLh78Eijf7d7n1RaBktkEjTH7RzCWPuoS0ZcuLdyBc2DUdBzj6OQieIeECh14_T7mmB6c3j5VSOW391xH9POXzOUvNPGlmBJqzOyFaIOaYnKvUD-p5_VnceU4StUgAmOC1JT1GfezqIiSHhXNtOCVtLOj-p73NWz8rszS-CBEALggB7WsEyRCO7lXRtNv8eLccWrl2-IY9nrpzylzOb7_GpC1dMnskLC8uJSb4m4KHNMJy5tKvs1cD3tH92L1t4a8o3jNH7SaIivsILEzFPvv8TvYlxMzMFedmib66eZwvJtQoFtxSBUFJCIVSw1RaKAcsATmkjWpmo0b8cdsaQfcVMwnW7u5XVs7ND6-L_U9yENjKZmfHYkyENnBV0WmKiU-Gu7i9uBA47OsrULC3N1AMMouBOV592eQm7sUC4zar_Ap1MW17jmB9E9LLukCkJmfHkSHtC4Rwg84XKeSq3dYtWgGp2ipfiFMz5bPzRHLNdDMqgPlc8rE7kTAjTcE7QujMW5IYHWOG1Hv3Sb8IdZMxl4KbRP-B-J75P9sw758_vg58HNJjJG_t3hDpehfA0Zkm75ARUGutFw7f9lwxXWy-BLb7qEw2Z8JoiRyY-VWuOY79VD1mXhMwYblzQELECiey-tWvJGSJqGlu4rhZ7yeO22d6TTmSzT8sXdIZhJEg-Y_4jNP7lT6zyizR7N9OA5qtpXDC6wJw9WE98ytNrXRzaVI5RuDoE1iywDRu-FFGtRGhC7F6yGwT6NJcHs81WnufLHEbH8Dy_8tPVjT_cr56w1qXlMjJcBl0mJm1M51RF5u61_2AGyukNzDBuiOVnRN2nP69lqEdgoyv1Y2pUoCbifnPdtGmSfnoFcV3zieCxPluFZOAcwk2dPRb710wF9JIzMS_xsk-JcarvyuX-GudKZHW9KxJVB7ZLS9c-6S_MDaH6HcZx9UbrfebA7XSLBAuTnO1WY1xJo96bhGyuhksMNLWaDQQ4xE2ze4MeU34OQbw-7YFHlRlOo_WznC3iR3_ebWEyxD1Dvb8DIB5VBFBqVQauOm-UjQtFIl3v_uLl_xE9Oi1dhRPGkuWypUFMc4qDD1i6cgL22ZraB7UtbMqbc8-bQCulezcQqBfhzEAQvU-Eaf_ii3yEUnoqU_KD-QFVFthKAdUrhmCHEGZjc_sm3HGI3gN5LDbbRLvte9bEbT6XeLspjb4ljud1DEu9QXNZznhmO394-ZvEuRa4O2gx-9Gya9D5Ks-DZq-W2lwqFLY7W949f85knPmlDqPP5qYJUMtJFkXMv2N6Dvbt7pdHxGTGnHZU29w-99f9xQWPKabb6jAJhGaGdUIrzRjYfPrHbuc76OZP9yC4WKlmepRg9508tJ6BbPjJHJYk7Tmmjt_8BbwiPu9AOj9p7Zzqcjv_Vqyp6vYCohTJF7bzh_YrPd8ORPcomY-nnGEe7i_lvErleS4FLiyMYwHVx7DVf_m106MwaxrjvXpuQL7XkwSKafl7YxkCG6aRDZE9zFG7_lej_fkzT73YXAG2CL3A5cIS4X2XXDl07GOYNcj0BYU4oN-bjPBqB71ZST2zcMAziKtUMjj1JI-8Inah0FLICtXfreY35euDUvy7WgaWlg9V__gV4PHYV7uRLNUpCf4UhIvLt4drRDHNJGmdCjlEMu5dzoh7RzyWOY4NSRpiunwnjKQ0rIheG8p8hlcORY5tnHpXCSvbSG1G68ETQ2nXLevzM4hoRqENOLgqHaYxycOpEKl_HMvRJeJMWfX6y11q9foWHgc-ZbxPcH0tCAgtNO6PoNbqNiGiqN_0oLHA4Id2xUbqQF8g1KT_MMeZLgp1pb50KoC4flcQe6ijE-MVZSANy8V_LgZz4oM6h2ux4p062J_5SGXS68xLkrYeJ6O6kQngudGBiqYCO7AfnRsfgR03eJj75fnh2fskf1jcl6XvuqdMeM9-R3G0zCubuAj9OC-kUjyzegGPQDbfpQnpSvfudioK5URhtfb2d89OTNV7ICpnyi2tA3Xr0BPhYCd9WhGTRyRYELsZb5heawH6GvvUQveYTDnulIYCrujLk_0sPFMCscO6Z1Un0z18DZ6MiTnWRIGNcsC0YhYfc5OzpfPEmhRBKXZwkiEcpiX2-M27F4l6JGsBNvhZIxT6T8N_j64A3qqy3Il7ZsVqzswk_WZL5rpi0p6LivKZ0njXGu7fmPyZKd9Q8oUBads3y1IwgmphPpPl-588NqpxfUlUlRPi-AmfDrOvT8WnbdzDnrHPzSWG9ip8jUtY322w8bGIEZ2KA4bKP5dOcJSECcRsV2NT4I4ASZgjehjCA2OK4jMNDCsDEBKkuEW1Ws62RYUz3E2_3n15BS04r6pRnZMSS-9rrVH-gEF_9_cymnWf-nG-8GVgprVLB50XBb9hGupjjETP4I7yCp7eM5AOoNJXMtcLIBqjFjZG3oCY7UtA4oW7gXyp7ifjBtZmtnfL438PBJB86RqfYcdEEhZzBe9WRlK2fQqm2HSDqQOkrt5YIyKqCNZLGZUWvYYCziCJFnT6aP3ZXuw-ZBnha_xnSRE54ywTipP9qFTy3b-Oea82TFGX0FAKyREG-ewWf4JJNeE8Hn87GR7KAxfrL4llRO0LkjK0l57LIbRLLDc_rouOv81cQis-Uod552qH2hQxh6cHx_yLWKNKkbEe7gOmiQbSn7gVDL6KyTNA9pY4C-pHaGu6A3K4xus5sqYiyVMRS9paOtFLtWObQYqnBE1mJnl_R1NGtueUgVViT1s4SWkjlkmPxNCL0Zhc9wx8DYU_NwV_oRY67TKkRhCZ4d3goAlEh6nUxlkFGOvcbmKZ-CiGl02tS728Wz3leo2DnCT6At9luBb1V2h9VUTrxUNw86X4DPdhorgqaZUN1o6eiOBoW7pP--hE0wKCt-UJ8I8onDccIuSdiGf0_8dIjqwRkFYz06ksnuQ9hLCyhb4r6_9ArAItNRU5dHGqD1PeStabs5UTX2UjAytle3wLVo4ySjpPaj-8Gs9U50giFmtYLvmDv_N4eHEvXpabYl8GKsIDNfNmSpgE_bkg5LvOsj1EH5Oy_Lux4kytfd67Z92iWFU0YzOMZmCy_IwxVo0PsJVspURpeZZDbmqHtAQRXwAMf2dbgxVzS3K6lSpz_FbwQHcJzx9i8a88aJnZxQIeW3imngW43vXwNiK_J0rme7u4gGMAax&cid=CAASJ-Ro-ek8DFtDfLRsMJR99aw9A3RfX2EjAngyiFf_QMvOwKLYXP3nBg&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11a3b89578189234c9cce5465f44c976ceb10d89445f10361206be80a5dcbbc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFE3 42 B
63 B 75ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DK8A_PekvEzf4Ju8pJQ2kBBZNN-9JBOdrNYBbO2gvBCpDGhhgplu5lxSgpQl_28V4N64HjU4s8s24Fdt64CVOjNOnpwh6Hvfh9lWeKocAbld7Y-so

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame BFE3 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 20:16:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame BFE3 17 KB
7 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BFE3 0
0 49ms
47ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrM676Nvv4Cy46KvMEtiQYR9tVXIA1wbyzjVybabEw13UnT-Jc7Wb9wZ_VaBiIAhtDPWj459FrcaKwQXoXpDv4Dw6ECQ
Requested by: Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFE3 152 KB
46 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:28:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A4D 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2DmwOI1YY_2HDbW89u8P-cixkAgAAAAAOAHgBAI&bg=!4OOl46fNAAaaxvStusY7ACkAdvg8WhnIyzCj4Z2Yr_E_Kcce2IzmG3bgjIG4YVaPsWZudOjpGf3zTwIAAADHUgAAAANoAQcKADpvN012TDoDCak868KZrDvcq3kBmKO4drv2avVJ6ujGMMBQjQ7VgduQaNMD90DQNImCLrEi43k_z4-qmQLnQ_Gd7E2lbI48hICGmhSEDtfHC73ngqxsDr24dee9A_WSRlVmI-OLZp5pF2c2BCLZZEzej2zMEr06rgkx65TburRJ9M-fBpTZfDhf24JMcPExlQN0zVkTTQ7909yxeE4PDxQL4iGNaAQhuXXsX06x1RXB_pAGj_D5IBSO0WqkVRAjnxVcYrHv1WQJN_x4zErovpZZEUwlB3UJjW58qkoHfeW1NKr8tsg8stG9fluO4c2wPFZocl55Ush4XsrHPZ0cvqMpb6Kb_P3jHLjICpYp4sXly1OsLasqy6rt-o6yK9lsgPw4kZWOJUwKcvSG4bJpq8NhW6POjIQU6W5jptykRQ2qd7AljPZXCG9GdMCBb4MYBI9zQAyHsv0iFP_k9c7_kJWcSTG83aJQXn7OToy5y4IHldkX07iLrgcfWdRR44xBZGwL0xAu4_0vwd-OBXJLDl_pO6PWKVeOYTNvfjHeEgV6IADZK12uVQ2dWFUqIZcIqFTa6661P6FIxxLYkvvVkTck2uXY0cwmLIYY-qlp2aJDK-tU8NEnydzUP_ItX7SD5KJyEPHtTw9-2FzbG007grxbM5NZgRD1wsHnDL_F0d45__ceNu_8USVYD3_dnRS4RAd8IH4AoJbf1l0m3sjLKsftqmBUsxz6YkeTWGDyIqT9qRPqnDCz8IQuGUE0ZduwRaj17c42D_AqaoMepzYHV0Uf_8Uwxn5YzwT6eqc5r0F5Q06n-0IJnwP-iEkM8rn44mw5JEEDcYddfRZrxb_69rD3HHii-_SQrqDUWoqieRg1Z8AXQMHE5ZkIQSY_HYCInc5n84p-qPQB6DfS2HkFHAvDURPCZJz8LjsgP999r4fbTeoiOnFbvlhtrsK_L6IdVhDqV2CVfn5HNtT6up6vgigTUbJD1MG8WJ_BzjVq4-RNpok_74dbR-tv0b8HY1uC5a5-bSNv9i92jF6IRC10FmJeK-UTZqkYhdleWwJCGelKDjsapmI

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8F70 694 B
681 B 259ms
50ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=108&ttfrms=27&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3ETar9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=10&ddur=179&uid=1666747705123253&jsCallback=dvCallback_1666747705123979&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wpgxfox28.com%2F&fwc=0&fcl=461&flt=31&fec=1129&fcifrms=7&brh=2&sdf=2&dvp_epl=154&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138401092306&btadsrv=6084843041138401092306&adsrv=104&unit=728x90&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138401092306&splc=/43459271/loc-desktop/wpgx/web/homepage&adu=21957163323&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=22961045001.92097&dvp_tukv=159668058.91653097&dvp_uuid=413150854.81236756&dvp_tuid=924253145321
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: d763b8b9af61e7b395e36132461f3cfdbeaf7d83940df5f59a657f21dfe28fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:25 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 10/25/2022 01:28:25

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 8C2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByJd8XgGpXfi10JRBmAgzQ&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByJd8XgGpXfi10JRBmAgzQ&google_cver=1&__user_check__=1&sync_id=7c93a60b-54cd-11ed-bf00-19bfd3920306

43 B
548 B

44ms
43ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEByJd8XgGpXfi10JRBmAgzQ&google_cver=1&__user_check__=1&sync_id=7c93a60b-54cd-11ed-bf00-19bfd3920306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNWdFvQbELQeagSaH66wwTmFO-WgQtTqFuloc4SonoTbJFXJejviE0amKjTionVBVJnROV8WxAtfkqFteW6PQ-6f-ULmccvTAbdQ5D5S56cggeTn7IJb_bGNqCqCwdZgf2AVo3xbvoHrO_oeqExRPdfct6lOFQQ7tanD01396NUFp6jjFRc
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:28:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 51
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 26 Oct 2022 01:28:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEByJd8XgGpXfi10JRBmAgzQ&google_cver=1&__user_check__=1&sync_id=7c93a60b-54cd-11ed-bf00-19bfd3920306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 52
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2M5M2E1YTYtNTRjZC0xMWVkLWJmMDAtMTliZmQzOTIwMzA2

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2M5M2E1YTYtNTRjZC0xMWVkLWJmMDAtMTliZmQzOTIwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXmGRCTqoQCGJa1jNcBMAE&v=APEucNWdFvQbELQeagSaH66wwTmFO-WgQtTqFuloc4SonoTbJFXJejviE0amKjTionVBVJnROV8WxAtfkqFteW6PQ-6f-ULmccvTAbdQ5D5S56cggeTn7IJb_bGNqCqCwdZgf2AVo3xbvoHrO_oeqExRPdfct6lOFQQ7tanD01396NUFp6jjFRc

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 26 Oct 2022 01:28:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2M5M2E1YTYtNTRjZC0xMWVkLWJmMDAtMTliZmQzOTIwMzA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1aZVowSEg1RTJ1SHVXSC4xdHdCT0tmeWhVejN4U2tIOH5B

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1aZVowSEg1RTJ1SHVXSC4xdHdCT0tmeWhVejN4U2tIOH5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1aZVowSEg1RTJ1SHVXSC4xdHdCT0tmeWhVejN4U2tIOH5B
date: Wed, 26 Oct 2022 01:28:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 6357afa5f52d7b5d4dd9fec2 Show response
c.bannerflow.net/a/ Frame 8DA0 66 KB
23 KB 158ms
72ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec2?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu24kR0vfbX2j1aqMxdZ0BtccsYJLBuvJUajQ2yRL9wQS6Oi68irJGD2Ualuto7mMYHB_Co0rf__kSxEj2CgFx96bFm98a3KhZfEvDYEvZqYkKJWo1vKB-axDY-E-L0Whakd3LYv5_-3HbAndTkb2FKFjI8aPVMAA19k_TZfHwNv9yXzOyRukUyKw0eQyYyun8S9Aen3J8CvB-gUvc6Ah8_stjX7zH2PeH_q54MGZscLfphmWqIUR8ihCuUZqBOL67QouzAe6qW_TJKtKFEptkG5QuFpA3TY61F_Jtev6btoNltn_cPZ2iH-KpOO8at0rBll3-SSLC2Y46PMBwgT9pjBs1hT16FWxW9F6c-8SCoMcaHCSdzZVBwvdXUcN26iy2PVWNZf8eZME20tvnfLgpGLNnH714QgjkF9mFad7jbTk40MuhN5qQ7zux144HVuZme7WF7gH7rwLpXhH6aaELGSae81173YlgggQsKTtjQ6OnDbBhjWNh-1ykJHLqWCODoyckDb0N8Cbm8Gc1GEwTbm5aS6_rzOALLCFN9vVQmpwMA1UBFF4Fx1aboYkqAqKWcw2zc4scbB1_TRfTIS1hzZvMGzYEOijMSjqzBTpgzE855RSCwCdzT8FdvP0cKnNORk5sKONml9szp_ToeQSryoOgzLTSLrdEy9esX4UpQennxYeZA2NWUGJvAWEaKL-NPQjPnlj1g3Ew5mEyx4_2v62GKxW_C4eWTHp-FKqGxib60_mfPLVyu-32KOZR05NuWaGHAJkD2pgxWiSDp5pxceSaY3edxGk35F9gSYNIy8BFrfcOhx3oMSt8I9OYwi3OU0XAKPuzIO6DpVaBz3P5bXbXshAgj3OjOu7vbFNzVy8-iGvKvOoCFmotr2J49Qpusm0uxcUyniNYwf1rISlA0N2C85oQXsdBYgcbzSzMKaPhiyszGqitCmOKpR5Tynz5rNKaJXa6WTPhFeh0sWA4lEKHmfAbmUsa2NIFxCKRwr5qNDslMrn61Jrv5NvZssDBVTTUtzvG3d8p7kje42TbyYl_oVNydjS81eE3cBDI4nRDt1MnRe6csezRyQ67SFQFgdZNt2lALmFMKbOjDCZk6htv1APm3RztU1vW0van-8Tijtxwy_8vqKjmgNBFaOHnigkg09O5BfW3gGHPOMfOue9cWTH3nn22CESbqlCdmRidoIqKF4c8C5zJCmd8yvlr-Er0nWsKX8TS_nXERdX7ohXa-BL1vYAyTsXblR08hRbLsArQxNCv3Rz0%26sai%3DAMfl-YTu1gfRpveNWPFCsrxmSk67O8mUFpfFy94UnGMUtGoQzPONv8alfTZMRGoJeBhOcQv9r1XM9zjd8v9H09vddO9i0plPjNd4mjNNcE8GDCGFgTh2e7c5dFnG9hxNGFUq_pLmWEMDNBOjoMoDIAyRUxXMOOf-H3wteNVNJov_aJ0iBB1kjS2GLKQ-z4J0Wyuhea2rMF07lqc93qik3kDmfOQjgBtnqy3u_A6TZbwNHT3YVo4%26sig%3DCg0ArKJSzBOkrvLlfQeEEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17933889851304706048/Whereveryouradventuretakesyou-WHRGerman-Deutsch-300x250-638022878363958639-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e560a0b23dc990ed9eff45afb20ffc3f6d072b3f2762fe6b122c1f2546759c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ff6a45fae76927-FRA
content-type: application/javascript

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BFE3 106 KB
37 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Origin: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame BFE3 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxThYwlP3IEy-VZMJWFEMONjtaEpucEOUEWhnlXFmiNmpoYMnUg37r3YEIbdn3-enJGEJnd38XXdkYy3pKv4oK0NA4-w&cry=1&dbm_d=AKAmf-AhjE1FyfEycJ4ZLNYYST0vZHv1LD5jtWxdoqQtP6s9WQBm7WErdthTYSshGGbtA6O1aZN_M3Vi1cbLYNDyVOqvQP0uk8LwftWBx-z7TELqg8Zv-9V-5iA_xu3icthPkMdd3fDpwcd42l1j7z5LhCIbh3T4RF7bthXJMO6lG9nlhOAoWfHLSGNTCt1PZTwo7jTMHMEaLh78Eijf7d7n1RaBktkEjTH7RzCWPuoS0ZcuLdyBc2DUdBzj6OQieIeECh14_T7mmB6c3j5VSOW391xH9POXzOUvNPGlmBJqzOyFaIOaYnKvUD-p5_VnceU4StUgAmOC1JT1GfezqIiSHhXNtOCVtLOj-p73NWz8rszS-CBEALggB7WsEyRCO7lXRtNv8eLccWrl2-IY9nrpzylzOb7_GpC1dMnskLC8uJSb4m4KHNMJy5tKvs1cD3tH92L1t4a8o3jNH7SaIivsILEzFPvv8TvYlxMzMFedmib66eZwvJtQoFtxSBUFJCIVSw1RaKAcsATmkjWpmo0b8cdsaQfcVMwnW7u5XVs7ND6-L_U9yENjKZmfHYkyENnBV0WmKiU-Gu7i9uBA47OsrULC3N1AMMouBOV592eQm7sUC4zar_Ap1MW17jmB9E9LLukCkJmfHkSHtC4Rwg84XKeSq3dYtWgGp2ipfiFMz5bPzRHLNdDMqgPlc8rE7kTAjTcE7QujMW5IYHWOG1Hv3Sb8IdZMxl4KbRP-B-J75P9sw758_vg58HNJjJG_t3hDpehfA0Zkm75ARUGutFw7f9lwxXWy-BLb7qEw2Z8JoiRyY-VWuOY79VD1mXhMwYblzQELECiey-tWvJGSJqGlu4rhZ7yeO22d6TTmSzT8sXdIZhJEg-Y_4jNP7lT6zyizR7N9OA5qtpXDC6wJw9WE98ytNrXRzaVI5RuDoE1iywDRu-FFGtRGhC7F6yGwT6NJcHs81WnufLHEbH8Dy_8tPVjT_cr56w1qXlMjJcBl0mJm1M51RF5u61_2AGyukNzDBuiOVnRN2nP69lqEdgoyv1Y2pUoCbifnPdtGmSfnoFcV3zieCxPluFZOAcwk2dPRb710wF9JIzMS_xsk-JcarvyuX-GudKZHW9KxJVB7ZLS9c-6S_MDaH6HcZx9UbrfebA7XSLBAuTnO1WY1xJo96bhGyuhksMNLWaDQQ4xE2ze4MeU34OQbw-7YFHlRlOo_WznC3iR3_ebWEyxD1Dvb8DIB5VBFBqVQauOm-UjQtFIl3v_uLl_xE9Oi1dhRPGkuWypUFMc4qDD1i6cgL22ZraB7UtbMqbc8-bQCulezcQqBfhzEAQvU-Eaf_ii3yEUnoqU_KD-QFVFthKAdUrhmCHEGZjc_sm3HGI3gN5LDbbRLvte9bEbT6XeLspjb4ljud1DEu9QXNZznhmO394-ZvEuRa4O2gx-9Gya9D5Ks-DZq-W2lwqFLY7W949f85knPmlDqPP5qYJUMtJFkXMv2N6Dvbt7pdHxGTGnHZU29w-99f9xQWPKabb6jAJhGaGdUIrzRjYfPrHbuc76OZP9yC4WKlmepRg9508tJ6BbPjJHJYk7Tmmjt_8BbwiPu9AOj9p7Zzqcjv_Vqyp6vYCohTJF7bzh_YrPd8ORPcomY-nnGEe7i_lvErleS4FLiyMYwHVx7DVf_m106MwaxrjvXpuQL7XkwSKafl7YxkCG6aRDZE9zFG7_lej_fkzT73YXAG2CL3A5cIS4X2XXDl07GOYNcj0BYU4oN-bjPBqB71ZST2zcMAziKtUMjj1JI-8Inah0FLICtXfreY35euDUvy7WgaWlg9V__gV4PHYV7uRLNUpCf4UhIvLt4drRDHNJGmdCjlEMu5dzoh7RzyWOY4NSRpiunwnjKQ0rIheG8p8hlcORY5tnHpXCSvbSG1G68ETQ2nXLevzM4hoRqENOLgqHaYxycOpEKl_HMvRJeJMWfX6y11q9foWHgc-ZbxPcH0tCAgtNO6PoNbqNiGiqN_0oLHA4Id2xUbqQF8g1KT_MMeZLgp1pb50KoC4flcQe6ijE-MVZSANy8V_LgZz4oM6h2ux4p062J_5SGXS68xLkrYeJ6O6kQngudGBiqYCO7AfnRsfgR03eJj75fnh2fskf1jcl6XvuqdMeM9-R3G0zCubuAj9OC-kUjyzegGPQDbfpQnpSvfudioK5URhtfb2d89OTNV7ICpnyi2tA3Xr0BPhYCd9WhGTRyRYELsZb5heawH6GvvUQveYTDnulIYCrujLk_0sPFMCscO6Z1Un0z18DZ6MiTnWRIGNcsC0YhYfc5OzpfPEmhRBKXZwkiEcpiX2-M27F4l6JGsBNvhZIxT6T8N_j64A3qqy3Il7ZsVqzswk_WZL5rpi0p6LivKZ0njXGu7fmPyZKd9Q8oUBads3y1IwgmphPpPl-588NqpxfUlUlRPi-AmfDrOvT8WnbdzDnrHPzSWG9ip8jUtY322w8bGIEZ2KA4bKP5dOcJSECcRsV2NT4I4ASZgjehjCA2OK4jMNDCsDEBKkuEW1Ws62RYUz3E2_3n15BS04r6pRnZMSS-9rrVH-gEF_9_cymnWf-nG-8GVgprVLB50XBb9hGupjjETP4I7yCp7eM5AOoNJXMtcLIBqjFjZG3oCY7UtA4oW7gXyp7ifjBtZmtnfL438PBJB86RqfYcdEEhZzBe9WRlK2fQqm2HSDqQOkrt5YIyKqCNZLGZUWvYYCziCJFnT6aP3ZXuw-ZBnha_xnSRE54ywTipP9qFTy3b-Oea82TFGX0FAKyREG-ewWf4JJNeE8Hn87GR7KAxfrL4llRO0LkjK0l57LIbRLLDc_rouOv81cQis-Uod552qH2hQxh6cHx_yLWKNKkbEe7gOmiQbSn7gVDL6KyTNA9pY4C-pHaGu6A3K4xus5sqYiyVMRS9paOtFLtWObQYqnBE1mJnl_R1NGtueUgVViT1s4SWkjlkmPxNCL0Zhc9wx8DYU_NwV_oRY67TKkRhCZ4d3goAlEh6nUxlkFGOvcbmKZ-CiGl02tS728Wz3leo2DnCT6At9luBb1V2h9VUTrxUNw86X4DPdhorgqaZUN1o6eiOBoW7pP--hE0wKCt-UJ8I8onDccIuSdiGf0_8dIjqwRkFYz06ksnuQ9hLCyhb4r6_9ArAItNRU5dHGqD1PeStabs5UTX2UjAytle3wLVo4ySjpPaj-8Gs9U50giFmtYLvmDv_N4eHEvXpabYl8GKsIDNfNmSpgE_bkg5LvOsj1EH5Oy_Lux4kytfd67Z92iWFU0YzOMZmCy_IwxVo0PsJVspURpeZZDbmqHtAQRXwAMf2dbgxVzS3K6lSpz_FbwQHcJzx9i8a88aJnZxQIeW3imngW43vXwNiK_J0rme7u4gGMAax&cid=CAASJ-Ro-ek8DFtDfLRsMJR99aw9A3RfX2EjAngyiFf_QMvOwKLYXP3nBg&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame BFE3 30 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 349F 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2GTZOI1YY8DKHLfkx_AP0PmgoAsAAAAAOAHgBAI&bg=!zs2lzYnNAAaaxvStusY7ACkAdvg8WrTIp4d9oTpbD3JE0jzF7GSxIJthcRi2bksgkDsuSFspm3jjKgIAAADXUgAAAANoAQeZAwgYTwBES7RtWJgLTimfurZfuFXLJCCJqVJBDsLEHRrzCU3RjheMQ5vdR_QL6L6TeCacnRKcGty1Qq3_5Hollb9jSPXLujV10sxe68QnBNkcgmZDCGUGqpuxBXO06SykjcdTXav3fQWjuMYTzGqdAhdL0YTUoTloghBAN0LJNqh2HbQfJ2Z0h95mt5RkjZpEPdCFHok_GSQxEA3vMofRxwp_sBOUSuJgfyVxLSHnaFIDfa_OFRqYIimR8E9oYOJzcYlYCN9Eb0SdY5rZcj7KWjGfpcYY9Bk-KGQgiCcgse_7MyKrgVYJzR--TZ731JXdQdv4Ejm-x-SiTd7Lpgvs9sdtVnhoITcXFw8nX_PiYKyZsvEwAbCKIywITkzNkOnS85CzlkXl_D74f0UYE9bj1N3bEXo_ZnClapcuJaye-i6Oc329fW46aWLlQx4YLXukJlLh46YziWhlo-ECwA0y0-_AM7nQ7Mu8MlUMP1Fu2sSiNOk5Wfe3J_89ubGlj8Z_GCom9fPz8QZWJoOOxSOjTU_optfV2IzFla4965KTPKxMSWwcCL8yP1L4qvloiIzy6YtxN9CpVgwcG30P3_NwqMf66-Ry80tHiUK09swv6tWXb2S4vDdS05z-Tu63hEbCCw0iCvJckuDNzLq8x39v-ZyjuV4fHoY6clzlizRGO7gXdeAnMEDbtU4gJEcWJgvkuQf5cHKBQq_c0pVmHZp04A6FOCgxm1b55hhXusX52zq4yK6m9Moeu3XuzEy8JhqSrpHPzfewYUT70Cv5GawuGX-jNm0yosSxXYD46BzW22QShHcE4vhnqrunQDteU1XD-sYakzSjFKcR3tz1-t2ptfS17BCVp5DHx1k_ofrJgLUsdjTRoipwtJyhioT-OMvBEgy136uybuott2BAgm6Ic7kauGj840N1E5p9iB2EBVBxj97l6kAmpjbccDjn2HdWRmSfty-IIV_HlBhbHkttOQo8VYeY9Q5-GceNy8LYTcx3bbO7BnhTi9nmJHIX_Sj87D25jIK1d_gvCg

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BFE3 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:50:32 GMT

GET
DATA 200
OK truncated
/ Frame BFE3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cc35ddb51674d592a93ebc7d1fa2e888c180d74852af90fe676190e165a6abf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 221B 22 KB
8 KB 40ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 236752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 07:42:33 GMT
expires: Mon, 23 Oct 2023 07:42:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 221B 36 KB
16 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 10:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 10:36:14 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BFE3 0
27 B 83ms
83ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEXzPlwPY07osIiBa0wxXuymAy3Ccvsyk7r1WEC9ArZ4kNVQMzV-tyDs8-C7rH1gxXmm5rwpynz9JjkxEB6IdXd96ZoZoSevQs3BUSZd5GKh1Kb1fUR_NY64MIRlcIPKAnea-BKAkVc5-5kQWX5CCNMxTvhTxGECl_YXBiFMkRKiPK9m73tWQ8_McUm6wB4JrpezhwVDeCMGhFGWX6O2ANcl4SMuBVdOUUSXfYdtxkEnpEAJqCpYDrvcBL1uIM1yG7fCnRfky-bXTwsf3tfVUT8_o8z2rDo95R6cxsK-uwdjMcV1zJ9Af4kR5yvKKRFG9mYY6YBuisSkTUIZfGNma8zuuREtH5uStqRliXia_19YN0TkMc3hcFIS8QnAJ0QuCRR5Qmp4RpD1ZsETJPM1bQyJnyegNXi-b_6yNxnvn6_IX4a2ifq3HjpJFb0ClhXKrtn1NsnjqxacHVAHDqyOVAvbzWr3MsaIYTWSEIUvBj2jzq9izf4h67Mb01yHtnOVE24PRum5lPXZNybejHer3ypwS13oxEWX1tWHRWuiizVOwSy0ZXQYNlZ1XY4IxYYgraNhO_LYpBUp7VHKfqcpDR62oRiBIfxmmL1bneAiD-xg6tKxCDmTlNafFimHwv4OrzVN1OF59cCEO3Bvtq4efp-2Zia3i5CWUawBpeFMxaXdM_EPyxvhUPb1m8Eon038AGZ4a8sPS51737npvp0krxkUNReGvgEW2uOwwQyGi4zWG9pjsYE0sv_h4Aifn3W-YvQA4AKcKzs4SSj-mT0_H81I5Pr28Da287SbnT5BI9YErhc8B92uoNLbanDNuhoIelg3fU4F6-xYtTdcFs9Al3E_sXTYyt-nFQU9X4ch3H1CZdBXXBOULPQ4-wgwKRh6JOfOH7dtDtkNCItbRkukLrI5dolsAYFoMPNBx0WvHHGvqHmtalpKU62BJPX5AYPJTMSySD3jnGbeChQsmvi_lwl4hQscugbQ_uv_wWEpMrNZZENtDZx6INidOh-IW8_Mw6ZmjutLxOlHSHPuxEmok6EgSYwc9funf7IiwDJa8OLpviiC9hECG7jW-lyEdFh7nkUexK5_uO3SdDbeHMon0RekdBlDbM9-KdMt16tWXcMcsKFdrofrhHkVbmuemHFnrrBIGA5FJqxLbt7LcThbcBhk30dZjn1o5Rwm8bmVaJmHc_Wd_KpH6TxzjU_rWHLjqq1HPJw3PhwPx7IwS8zcMFhyAm21TTvESvfi8n3F8Xlpps&sai=AMfl-YQiWMdyLntg6NYRt9dbUde4Yysn8Om7qAQ0YCIYL94ZmJLEaIqUfhox9U2zoGX32p1rQ1_Tl3iFwVMDHS9s8-PMi3K1-n6Hn3-Ex_Rg0PpWiMSOd_NN2LVvdMBYC7RRxJzQZvE63Pv4TZOe639c7vw9r83nYoPfgpcBqQJH6JlemFcMKCj9bzht22O82SWfmWCtxQrRw7rRug-jS2KuyBjUALRMKxCvC6Xj&sig=Cg0ArKJSzHS__23wh7hiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cisv=r20221020.27359&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 11187735342441117114
s0.2mdn.net/simgad/ Frame BFE3 434 B
461 B 37ms
37ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11187735342441117114

Requested by

Host: 3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
URL: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

070b6f7dc9b17c9ca102ce12102402b76f1022803dff1cbf977be872f82a3981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:10:50 GMT
x-content-type-options: nosniff
age: 37055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 09:44:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 15:10:50 GMT

GET
H2 200 widget.5e7c39891aa8163ae299.js Show response
c.bannerflow.net/scripts/ Frame 8DA0 20 KB
8 KB 44ms
44ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec2?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu24kR0vfbX2j1aqMxdZ0BtccsYJLBuvJUajQ2yRL9wQS6Oi68irJGD2Ualuto7mMYHB_Co0rf__kSxEj2CgFx96bFm98a3KhZfEvDYEvZqYkKJWo1vKB-axDY-E-L0Whakd3LYv5_-3HbAndTkb2FKFjI8aPVMAA19k_TZfHwNv9yXzOyRukUyKw0eQyYyun8S9Aen3J8CvB-gUvc6Ah8_stjX7zH2PeH_q54MGZscLfphmWqIUR8ihCuUZqBOL67QouzAe6qW_TJKtKFEptkG5QuFpA3TY61F_Jtev6btoNltn_cPZ2iH-KpOO8at0rBll3-SSLC2Y46PMBwgT9pjBs1hT16FWxW9F6c-8SCoMcaHCSdzZVBwvdXUcN26iy2PVWNZf8eZME20tvnfLgpGLNnH714QgjkF9mFad7jbTk40MuhN5qQ7zux144HVuZme7WF7gH7rwLpXhH6aaELGSae81173YlgggQsKTtjQ6OnDbBhjWNh-1ykJHLqWCODoyckDb0N8Cbm8Gc1GEwTbm5aS6_rzOALLCFN9vVQmpwMA1UBFF4Fx1aboYkqAqKWcw2zc4scbB1_TRfTIS1hzZvMGzYEOijMSjqzBTpgzE855RSCwCdzT8FdvP0cKnNORk5sKONml9szp_ToeQSryoOgzLTSLrdEy9esX4UpQennxYeZA2NWUGJvAWEaKL-NPQjPnlj1g3Ew5mEyx4_2v62GKxW_C4eWTHp-FKqGxib60_mfPLVyu-32KOZR05NuWaGHAJkD2pgxWiSDp5pxceSaY3edxGk35F9gSYNIy8BFrfcOhx3oMSt8I9OYwi3OU0XAKPuzIO6DpVaBz3P5bXbXshAgj3OjOu7vbFNzVy8-iGvKvOoCFmotr2J49Qpusm0uxcUyniNYwf1rISlA0N2C85oQXsdBYgcbzSzMKaPhiyszGqitCmOKpR5Tynz5rNKaJXa6WTPhFeh0sWA4lEKHmfAbmUsa2NIFxCKRwr5qNDslMrn61Jrv5NvZssDBVTTUtzvG3d8p7kje42TbyYl_oVNydjS81eE3cBDI4nRDt1MnRe6csezRyQ67SFQFgdZNt2lALmFMKbOjDCZk6htv1APm3RztU1vW0van-8Tijtxwy_8vqKjmgNBFaOHnigkg09O5BfW3gGHPOMfOue9cWTH3nn22CESbqlCdmRidoIqKF4c8C5zJCmd8yvlr-Er0nWsKX8TS_nXERdX7ohXa-BL1vYAyTsXblR08hRbLsArQxNCv3Rz0%26sai%3DAMfl-YTu1gfRpveNWPFCsrxmSk67O8mUFpfFy94UnGMUtGoQzPONv8alfTZMRGoJeBhOcQv9r1XM9zjd8v9H09vddO9i0plPjNd4mjNNcE8GDCGFgTh2e7c5dFnG9hxNGFUq_pLmWEMDNBOjoMoDIAyRUxXMOOf-H3wteNVNJov_aJ0iBB1kjS2GLKQ-z4J0Wyuhea2rMF07lqc93qik3kDmfOQjgBtnqy3u_A6TZbwNHT3YVo4%26sig%3DCg0ArKJSzBOkrvLlfQeEEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d598cb92aa54d28e5d648b5ea6e9abbdec81fe68a0001a654f5761762c64e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2/pq2QbtVJeZ8S7i1zxKTA==
age: 132638
cf-polished: origSize=20298
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 12 Oct 2022 16:49:10 GMT
server: cloudflare
etag: W/"0x8DAAC71AFF92661"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 66c3935c-201e-0091-5ca5-e78894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 75ff6a467b566927-FRA

GET
H2 200 document.92a62da42c.js Show response
c.bannerflow.net/accounts/wyndham/5ca76276e534b182c4576ce4/published/3263998/3626919/ Frame 8DA0 39 KB
11 KB 47ms
47ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/wyndham/5ca76276e534b182c4576ce4/published/3263998/3626919/document.92a62da42c.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec2?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu24kR0vfbX2j1aqMxdZ0BtccsYJLBuvJUajQ2yRL9wQS6Oi68irJGD2Ualuto7mMYHB_Co0rf__kSxEj2CgFx96bFm98a3KhZfEvDYEvZqYkKJWo1vKB-axDY-E-L0Whakd3LYv5_-3HbAndTkb2FKFjI8aPVMAA19k_TZfHwNv9yXzOyRukUyKw0eQyYyun8S9Aen3J8CvB-gUvc6Ah8_stjX7zH2PeH_q54MGZscLfphmWqIUR8ihCuUZqBOL67QouzAe6qW_TJKtKFEptkG5QuFpA3TY61F_Jtev6btoNltn_cPZ2iH-KpOO8at0rBll3-SSLC2Y46PMBwgT9pjBs1hT16FWxW9F6c-8SCoMcaHCSdzZVBwvdXUcN26iy2PVWNZf8eZME20tvnfLgpGLNnH714QgjkF9mFad7jbTk40MuhN5qQ7zux144HVuZme7WF7gH7rwLpXhH6aaELGSae81173YlgggQsKTtjQ6OnDbBhjWNh-1ykJHLqWCODoyckDb0N8Cbm8Gc1GEwTbm5aS6_rzOALLCFN9vVQmpwMA1UBFF4Fx1aboYkqAqKWcw2zc4scbB1_TRfTIS1hzZvMGzYEOijMSjqzBTpgzE855RSCwCdzT8FdvP0cKnNORk5sKONml9szp_ToeQSryoOgzLTSLrdEy9esX4UpQennxYeZA2NWUGJvAWEaKL-NPQjPnlj1g3Ew5mEyx4_2v62GKxW_C4eWTHp-FKqGxib60_mfPLVyu-32KOZR05NuWaGHAJkD2pgxWiSDp5pxceSaY3edxGk35F9gSYNIy8BFrfcOhx3oMSt8I9OYwi3OU0XAKPuzIO6DpVaBz3P5bXbXshAgj3OjOu7vbFNzVy8-iGvKvOoCFmotr2J49Qpusm0uxcUyniNYwf1rISlA0N2C85oQXsdBYgcbzSzMKaPhiyszGqitCmOKpR5Tynz5rNKaJXa6WTPhFeh0sWA4lEKHmfAbmUsa2NIFxCKRwr5qNDslMrn61Jrv5NvZssDBVTTUtzvG3d8p7kje42TbyYl_oVNydjS81eE3cBDI4nRDt1MnRe6csezRyQ67SFQFgdZNt2lALmFMKbOjDCZk6htv1APm3RztU1vW0van-8Tijtxwy_8vqKjmgNBFaOHnigkg09O5BfW3gGHPOMfOue9cWTH3nn22CESbqlCdmRidoIqKF4c8C5zJCmd8yvlr-Er0nWsKX8TS_nXERdX7ohXa-BL1vYAyTsXblR08hRbLsArQxNCv3Rz0%26sai%3DAMfl-YTu1gfRpveNWPFCsrxmSk67O8mUFpfFy94UnGMUtGoQzPONv8alfTZMRGoJeBhOcQv9r1XM9zjd8v9H09vddO9i0plPjNd4mjNNcE8GDCGFgTh2e7c5dFnG9hxNGFUq_pLmWEMDNBOjoMoDIAyRUxXMOOf-H3wteNVNJov_aJ0iBB1kjS2GLKQ-z4J0Wyuhea2rMF07lqc93qik3kDmfOQjgBtnqy3u_A6TZbwNHT3YVo4%26sig%3DCg0ArKJSzBOkrvLlfQeEEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d508be1fb171ffb37b228b3c1db7619abff73786c9e2099b5113c86e7e03f236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: kqYtpCw3kjtUwCV5oZlVzg==
age: 39889
cf-polished: origSize=42697
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 25 Oct 2022 09:43:14 GMT
server: cloudflare
etag: W/"0x8DAB66D569B4DFA"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 367512ca-101e-007e-6f7d-e87d61000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 75ff6a467b576927-FRA

GET
H2 200 animated-creative.7d3532d5d831411823fd.js Show response
c.bannerflow.net/scripts/ Frame 8DA0 145 KB
50 KB 49ms
49ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.7d3532d5d831411823fd.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec2?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu24kR0vfbX2j1aqMxdZ0BtccsYJLBuvJUajQ2yRL9wQS6Oi68irJGD2Ualuto7mMYHB_Co0rf__kSxEj2CgFx96bFm98a3KhZfEvDYEvZqYkKJWo1vKB-axDY-E-L0Whakd3LYv5_-3HbAndTkb2FKFjI8aPVMAA19k_TZfHwNv9yXzOyRukUyKw0eQyYyun8S9Aen3J8CvB-gUvc6Ah8_stjX7zH2PeH_q54MGZscLfphmWqIUR8ihCuUZqBOL67QouzAe6qW_TJKtKFEptkG5QuFpA3TY61F_Jtev6btoNltn_cPZ2iH-KpOO8at0rBll3-SSLC2Y46PMBwgT9pjBs1hT16FWxW9F6c-8SCoMcaHCSdzZVBwvdXUcN26iy2PVWNZf8eZME20tvnfLgpGLNnH714QgjkF9mFad7jbTk40MuhN5qQ7zux144HVuZme7WF7gH7rwLpXhH6aaELGSae81173YlgggQsKTtjQ6OnDbBhjWNh-1ykJHLqWCODoyckDb0N8Cbm8Gc1GEwTbm5aS6_rzOALLCFN9vVQmpwMA1UBFF4Fx1aboYkqAqKWcw2zc4scbB1_TRfTIS1hzZvMGzYEOijMSjqzBTpgzE855RSCwCdzT8FdvP0cKnNORk5sKONml9szp_ToeQSryoOgzLTSLrdEy9esX4UpQennxYeZA2NWUGJvAWEaKL-NPQjPnlj1g3Ew5mEyx4_2v62GKxW_C4eWTHp-FKqGxib60_mfPLVyu-32KOZR05NuWaGHAJkD2pgxWiSDp5pxceSaY3edxGk35F9gSYNIy8BFrfcOhx3oMSt8I9OYwi3OU0XAKPuzIO6DpVaBz3P5bXbXshAgj3OjOu7vbFNzVy8-iGvKvOoCFmotr2J49Qpusm0uxcUyniNYwf1rISlA0N2C85oQXsdBYgcbzSzMKaPhiyszGqitCmOKpR5Tynz5rNKaJXa6WTPhFeh0sWA4lEKHmfAbmUsa2NIFxCKRwr5qNDslMrn61Jrv5NvZssDBVTTUtzvG3d8p7kje42TbyYl_oVNydjS81eE3cBDI4nRDt1MnRe6csezRyQ67SFQFgdZNt2lALmFMKbOjDCZk6htv1APm3RztU1vW0van-8Tijtxwy_8vqKjmgNBFaOHnigkg09O5BfW3gGHPOMfOue9cWTH3nn22CESbqlCdmRidoIqKF4c8C5zJCmd8yvlr-Er0nWsKX8TS_nXERdX7ohXa-BL1vYAyTsXblR08hRbLsArQxNCv3Rz0%26sai%3DAMfl-YTu1gfRpveNWPFCsrxmSk67O8mUFpfFy94UnGMUtGoQzPONv8alfTZMRGoJeBhOcQv9r1XM9zjd8v9H09vddO9i0plPjNd4mjNNcE8GDCGFgTh2e7c5dFnG9hxNGFUq_pLmWEMDNBOjoMoDIAyRUxXMOOf-H3wteNVNJov_aJ0iBB1kjS2GLKQ-z4J0Wyuhea2rMF07lqc93qik3kDmfOQjgBtnqy3u_A6TZbwNHT3YVo4%26sig%3DCg0ArKJSzBOkrvLlfQeEEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36713bc6dbb8bf44ab850f0a60dd5a6e620c0e1c42457d2aac3b408c41464498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 6qcXiNw8dI7Df/JwueIIgQ==
age: 134921
cf-polished: origSize=148791
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 20 Oct 2022 08:50:20 GMT
server: cloudflare
etag: W/"0x8DAB2781EAD9551"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 78bc8f84-d01e-005e-32a0-e706c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 75ff6a467b586927-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 135ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cdbb540dc7806cba6ebfc3d850f68bdda1dbac91dfee88b19490a4e475aff40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11266
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BFE3 0
26 B 76ms
76ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEXzPlwPY07osIiBa0wxXuymAy3Ccvsyk7r1WEC9ArZ4kNVQMzV-tyDs8-C7rH1gxXmm5rwpynz9JjkxEB6IdXd96ZoZoSevQs3BUSZd5GKh1Kb1fUR_NY64MIRlcIPKAnea-BKAkVc5-5kQWX5CCNMxTvhTxGECl_YXBiFMkRKiPK9m73tWQ8_McUm6wB4JrpezhwVDeCMGhFGWX6O2ANcl4SMuBVdOUUSXfYdtxkEnpEAJqCpYDrvcBL1uIM1yG7fCnRfky-bXTwsf3tfVUT8_o8z2rDo95R6cxsK-uwdjMcV1zJ9Af4kR5yvKKRFG9mYY6YBuisSkTUIZfGNma8zuuREtH5uStqRliXia_19YN0TkMc3hcFIS8QnAJ0QuCRR5Qmp4RpD1ZsETJPM1bQyJnyegNXi-b_6yNxnvn6_IX4a2ifq3HjpJFb0ClhXKrtn1NsnjqxacHVAHDqyOVAvbzWr3MsaIYTWSEIUvBj2jzq9izf4h67Mb01yHtnOVE24PRum5lPXZNybejHer3ypwS13oxEWX1tWHRWuiizVOwSy0ZXQYNlZ1XY4IxYYgraNhO_LYpBUp7VHKfqcpDR62oRiBIfxmmL1bneAiD-xg6tKxCDmTlNafFimHwv4OrzVN1OF59cCEO3Bvtq4efp-2Zia3i5CWUawBpeFMxaXdM_EPyxvhUPb1m8Eon038AGZ4a8sPS51737npvp0krxkUNReGvgEW2uOwwQyGi4zWG9pjsYE0sv_h4Aifn3W-YvQA4AKcKzs4SSj-mT0_H81I5Pr28Da287SbnT5BI9YErhc8B92uoNLbanDNuhoIelg3fU4F6-xYtTdcFs9Al3E_sXTYyt-nFQU9X4ch3H1CZdBXXBOULPQ4-wgwKRh6JOfOH7dtDtkNCItbRkukLrI5dolsAYFoMPNBx0WvHHGvqHmtalpKU62BJPX5AYPJTMSySD3jnGbeChQsmvi_lwl4hQscugbQ_uv_wWEpMrNZZENtDZx6INidOh-IW8_Mw6ZmjutLxOlHSHPuxEmok6EgSYwc9funf7IiwDJa8OLpviiC9hECG7jW-lyEdFh7nkUexK5_uO3SdDbeHMon0RekdBlDbM9-KdMt16tWXcMcsKFdrofrhHkVbmuemHFnrrBIGA5FJqxLbt7LcThbcBhk30dZjn1o5Rwm8bmVaJmHc_Wd_KpH6TxzjU_rWHLjqq1HPJw3PhwPx7IwS8zcMFhyAm21TTvESvfi8n3F8Xlpps&sai=AMfl-YQiWMdyLntg6NYRt9dbUde4Yysn8Om7qAQ0YCIYL94ZmJLEaIqUfhox9U2zoGX32p1rQ1_Tl3iFwVMDHS9s8-PMi3K1-n6Hn3-Ex_Rg0PpWiMSOd_NN2LVvdMBYC7RRxJzQZvE63Pv4TZOe639c7vw9r83nYoPfgpcBqQJH6JlemFcMKCj9bzht22O82SWfmWCtxQrRw7rRug-jS2KuyBjUALRMKxCvC6Xj&sig=Cg0ArKJSzHS__23wh7hiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=299&vt=11&dtpt=147&dett=3&cstd=299&cisv=r20221020.27359&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Whereveryouradventuretakesyou-WHRGerman-Deutsch-728x90-638022878323086302-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html Show response
s0.2mdn.net/sadbundle/6041290610302779392/ Frame 980E 4 KB
1 KB 38ms
38ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6041290610302779392/Whereveryouradventuretakesyou-WHRGerman-Deutsch-728x90-638022878323086302-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2225c8a80005b622bb4a54869a719518a07c2363a82832258205d948063a71a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1426
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 15:10:51 GMT
expires: Wed, 25 Oct 2023 15:10:51 GMT
last-modified: Tue, 25 Oct 2022 09:44:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 221B 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-9MBOY1YY-3JBKmyx_AP4bmZwA8AAAAAOAHgBAI&bg=!bW6lbirNAAaaxvStusY7ACkAdvg8WjN5n1Gv_Lak-DsViVfHmXXHvPS_g0LKayhh7J_ax9v2F7zHRQIAAACDUgAAAANoAQeZAt9eV101ghzW2TkqRv1kX79e040uAjLnFe9A9Xs4sGg7zuuu3jVLWB09C3LqAMf2yRDC3EmfFEGMnFJLTH3W2hYh54KsaYqqccQspw87qUCTWz2QUNIrOhHB2vQ1Z3St-4r4zbDuDLV7A5hyChCOMXEr5l4KfZLwqlB78mWbFXxWXQKHJzAwuA8HlcMlR__tHY3xHrhaZClatFZ_tRdHv7zkK_sP3jYCBdGKTArwZ9B7KuDzIUN748fHi2cArgPu7rSDRbUdQygLdUALQ2Sl4_fOIdrW9IEX5nGVsPxgFzysWQmJOI_0B47X80l-w9Lh0IPRfKs6T6d31vRR3fYcTMZjNXHj3RtA4iO_gkAZrpmrIJ0g-gADZx_fgEvZF0T90Ol1dn1bUoMDYH9juU9iI_P6KgAcLqap8Qm3LTIIzbg0mgmLreuXtsz3Wbug5c7wJPo8h6TQ49RCZYct3lecu2KTrtXTii5ATd-3ch6GClf0408mNKWWI50S3rQYKsKV_I6Pve-wA1sLWjdlJ0dxauWvzfoMu8zrYWH2RHff8KmbhB84AWkb9-5mRC7YlcgFB6DKN0kTrno_De0Z3rehoaQc66Bl3f1je4ueM4a7rHeDOZ0wemKlTVrOhgj-_fyOYAefzBC0gxs6VEKHNyDO5wbhKLmnK6bJ1qDuWelxgFDU2YysNCS5a7Iw7plQjywuiDv6-aut_y0wuShZGNjZcpxIJ5VmwI6aAlKZYmPqDyhexAOS_yExbFPgjlI96mDo4iIbaJlkSK23O-nsSHQpPnWoF0QWbdLg2Hw6GqW28WOsCsLmhBxmdpPUBGC1Q14aw--jDvC8xqxMA97k3rhATBAwnfh0GG2xMtUACGYRrpPrWdhm0c1wuL9eieByJO2nqTPw2jY7If-3JFSZOsB3LfWDeujT-aTymERBi2qgxuGnhHYqLn2u9_3ONIVmYX9YszsrUBJY2k3CiH6McDshQIE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8DA0 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 5073a668-d8d6-4394-b6ef-8737699ff5c3 Show response
https://s0.2mdn.net/ Frame EA56 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/5073a668-d8d6-4394-b6ef-8737699ff5c3
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.7d3532d5d831411823fd.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 668

GET
H2 200 19479410_G.png
wpgx.images.worldnow.com/images/ 66 KB
66 KB 50ms
50ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479410_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1ee10292e6328c4e0a9e64c0eefc31456b216fe58e7bf94ce347a3d35e8db6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 67760
cf-resized: internal=ok/h q=0 n=9 c=45 v=2022.9.6 l=67760
last-modified: Tue, 09 Jun 2020 16:42:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfcosGtvoE6i9NUW2HILfiRA:7abf5cdf363221b3d278ec7ee87b4195"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a47ea9dbb65-FRA

GET
H2 200 19479412_G.png
wpgx.images.worldnow.com/images/ 144 KB
145 KB 53ms
53ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479412_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb7ee02a42c7e43c2b4bd98eb5a1f03bee61cc33da050507ee2251724670766

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 147923
cf-resized: internal=ok/h q=0 n=10 c=27 v=2022.9.7 l=147923
last-modified: Tue, 09 Jun 2020 16:42:21 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfdPuZ5iiPsQcELZibU3OTVQ:0d8c7c54f779e2c0c8f4dfdf98327c4d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a47ea9ebb65-FRA

GET
H2 200 22945412_G.png
wpgx.images.worldnow.com/images/ 91 KB
91 KB 56ms
56ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/22945412_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34c08596a05648761e7c8ce459c1dfdb8e241d6d29a669e9db29335a8354f9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 93338
cf-resized: internal=ok/h q=0 n=19 c=35 v=2022.9.7 l=93338
last-modified: Tue, 05 Jul 2022 13:20:30 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf2AwkU4yZgVgS6-c5thNXfw:39cc48d078e3bed1c9914ca569d88e23"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a47ea9fbb65-FRA

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8DA0 5 KB
5 KB 121ms
44ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b7b0cad6817397694e95d66%2F5ca76276e534b182c4576ce4%2F9626af95-9ebc-43f2-a701-a0b25ab65e2b.woff&t=%20.059BCDEHIJLMNPRSTUWZabcdefghiklmnorstuwyz%C3%9C%C3%A4%C3%BC
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17933889851304706048/Whereveryouradventuretakesyou-WHRGerman-Deutsch-300x250-638022878363958639-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 738ba940d2f96c4ba689b37e254626268b917aa54d11b8ca79f37e95acd31ee6

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:22:47 GMT
server: cloudflare
age: 39938
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=9626af95-9ebc-43f2-a701-a0b25ab65e2b-subset.woff
cf-ray: 75ff6a487e4e9188-FRA
expires: Wed, 25 Oct 2023 14:22:47 GMT

GET
H2 200 6357afa5f52d7b5d4dd9fec6 Show response
c.bannerflow.net/a/ Frame 980E 66 KB
23 KB 59ms
59ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec6?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-Ppjum9S4XjoaTDZ2fjqCqwOklfMsNQJSSXewTHN4rvxOcsxVjg_RYiHUX8HydhQmF0C0R6MZrr-mAUOJ_LJFfpTCvT4V6Bkt7eT1U-ceKNvzuTRP_NOv6XteFGv-LwF8ZqsRGaR6uaDEReSpZr6egllED11BMELcSXK34z7bM3dRNuTzCoNLI_iwhf2HqQKXlZL6EXdU2EsllnIhenwDGLZF2RlD-F_iNy5BVWaGt9VAN3SAUsIbra_Y4LByY58D1mF1VwXSe-0400K08JnaTYSRNFCVBcT0CSUY39okpeaZ3VStLKeM9STAP6aMmOlS8xwQASwDHsDhVLvv2P9cqHuDlt22BDGPlh-MguLosstWSYfix7OzLy1_zNmelCYYeBIDhmT78JCK-mbxX-mx5d8-T7f7B5fItzmMKWfI2cx95pzq8M3JZG_19qgKY0GDBhT9oUVgnG9WJk154nwQGoI_m1W-OrrMw6IkxnlikzofDL3WxP4KuUmFb6SYVkso70_QmJupA3eo9iCiOK6cHpc6y_pB6TNab-0qVB4NZ1fwJkrlYkpxYe027i8n19ZhFCqJzmx4Q6Th8BxPLcCBszzIYeUmr2JwRyKNcVSXshtXCkPpgGA-NVbhS2EtJ8xg94rV3ZCoH6xgj1aLHxngJMif21eA6Oz-uTQ5HiLOLNEQ8HskBoRprm3li7bEv3U03du9WAv5fck6Mz2EOMjEwEoLUhUtYf3mhYYOVz1ouB7I6e2P_NODgahfBehGF62zXq4i1lnjRw83fG3pm4q8T_Z__Ute0x2osRXie4Z-N28pq8KglxVvNgRo3yllBKjrNm4nfT4OBPEf6LObsc6DnDLITi1KzPXGPBhF-jfKUed3pWvtTO5_9J8PPQz0YggBC221n4dzE2LmV8vM6BIXfK54nfvFc-p3eW1PKhzXrp1AgjGQid9pgJLUPXvdUfrN_e9GvZDCuu-wDc3xrGIOhDdeWKiU0JDI0n5fVqyBaGFkHPOJvgcXLsAU27Cre-W9I2zzmkuVh2fUf960XfAjurs_N6BUpCVxLh7RJZHeAsYK3GZgcmINcC7UmIZn0RV40LWlFAnM63yv1QEaylY4zpd79j3ikcwFsgWOsAJhxlYg9W_nM6HPu3LVF1IZmB6eLrEaxstiZE_R-55zKkmDA0Ue-ESsYgazwE2_Ar8NqKpVvQSx-0MOwAg7oyVi_c1bFXMRrHBvr35aK84_s6FxWyNe-5uxAJ7b%26sai%3DAMfl-YTyLQ6SYdqDmwc6RWthPIFwDbz0Qa9z_NJCyLBfmSTnHF-_CJhPzEUHqanw1qW05ZpiNjfvAeXbKituKSF-yoA1yJuwdU9exmZZtBw_QAMfQ7mgqqCk46Lehd1wSSU1k-RoMtcFD1-VbANs7ok51eJrnSB07x5lGba0gfG69ZOzi2umViZ8LdNsumH2j9fF0lt9wfMoytQJMXbIByrBGnunj6-2EqJW6KKniHoAF_CEneE%26sig%3DCg0ArKJSzCHSjyivX5ZyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6041290610302779392/Whereveryouradventuretakesyou-WHRGerman-Deutsch-728x90-638022878323086302-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b3b81f4eb117f1fdd8ed3e93786517d87c69a7964620d36e4a895932c86631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ff6a481d7f6927-FRA
content-type: application/javascript

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:28:25 GMT

GET
H2 200 widget.5e7c39891aa8163ae299.js Show response
c.bannerflow.net/scripts/ Frame 980E 20 KB
7 KB 45ms
44ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec6?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-Ppjum9S4XjoaTDZ2fjqCqwOklfMsNQJSSXewTHN4rvxOcsxVjg_RYiHUX8HydhQmF0C0R6MZrr-mAUOJ_LJFfpTCvT4V6Bkt7eT1U-ceKNvzuTRP_NOv6XteFGv-LwF8ZqsRGaR6uaDEReSpZr6egllED11BMELcSXK34z7bM3dRNuTzCoNLI_iwhf2HqQKXlZL6EXdU2EsllnIhenwDGLZF2RlD-F_iNy5BVWaGt9VAN3SAUsIbra_Y4LByY58D1mF1VwXSe-0400K08JnaTYSRNFCVBcT0CSUY39okpeaZ3VStLKeM9STAP6aMmOlS8xwQASwDHsDhVLvv2P9cqHuDlt22BDGPlh-MguLosstWSYfix7OzLy1_zNmelCYYeBIDhmT78JCK-mbxX-mx5d8-T7f7B5fItzmMKWfI2cx95pzq8M3JZG_19qgKY0GDBhT9oUVgnG9WJk154nwQGoI_m1W-OrrMw6IkxnlikzofDL3WxP4KuUmFb6SYVkso70_QmJupA3eo9iCiOK6cHpc6y_pB6TNab-0qVB4NZ1fwJkrlYkpxYe027i8n19ZhFCqJzmx4Q6Th8BxPLcCBszzIYeUmr2JwRyKNcVSXshtXCkPpgGA-NVbhS2EtJ8xg94rV3ZCoH6xgj1aLHxngJMif21eA6Oz-uTQ5HiLOLNEQ8HskBoRprm3li7bEv3U03du9WAv5fck6Mz2EOMjEwEoLUhUtYf3mhYYOVz1ouB7I6e2P_NODgahfBehGF62zXq4i1lnjRw83fG3pm4q8T_Z__Ute0x2osRXie4Z-N28pq8KglxVvNgRo3yllBKjrNm4nfT4OBPEf6LObsc6DnDLITi1KzPXGPBhF-jfKUed3pWvtTO5_9J8PPQz0YggBC221n4dzE2LmV8vM6BIXfK54nfvFc-p3eW1PKhzXrp1AgjGQid9pgJLUPXvdUfrN_e9GvZDCuu-wDc3xrGIOhDdeWKiU0JDI0n5fVqyBaGFkHPOJvgcXLsAU27Cre-W9I2zzmkuVh2fUf960XfAjurs_N6BUpCVxLh7RJZHeAsYK3GZgcmINcC7UmIZn0RV40LWlFAnM63yv1QEaylY4zpd79j3ikcwFsgWOsAJhxlYg9W_nM6HPu3LVF1IZmB6eLrEaxstiZE_R-55zKkmDA0Ue-ESsYgazwE2_Ar8NqKpVvQSx-0MOwAg7oyVi_c1bFXMRrHBvr35aK84_s6FxWyNe-5uxAJ7b%26sai%3DAMfl-YTyLQ6SYdqDmwc6RWthPIFwDbz0Qa9z_NJCyLBfmSTnHF-_CJhPzEUHqanw1qW05ZpiNjfvAeXbKituKSF-yoA1yJuwdU9exmZZtBw_QAMfQ7mgqqCk46Lehd1wSSU1k-RoMtcFD1-VbANs7ok51eJrnSB07x5lGba0gfG69ZOzi2umViZ8LdNsumH2j9fF0lt9wfMoytQJMXbIByrBGnunj6-2EqJW6KKniHoAF_CEneE%26sig%3DCg0ArKJSzCHSjyivX5ZyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d598cb92aa54d28e5d648b5ea6e9abbdec81fe68a0001a654f5761762c64e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2/pq2QbtVJeZ8S7i1zxKTA==
age: 132638
cf-polished: origSize=20298
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 12 Oct 2022 16:49:10 GMT
server: cloudflare
etag: W/"0x8DAAC71AFF92661"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 66c3935c-201e-0091-5ca5-e78894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 75ff6a488ddc6927-FRA

GET
H2 200 document.f5573beb4d.js Show response
c.bannerflow.net/accounts/wyndham/5ca76276e534b182c4576ce4/published/3264000/3626919/ Frame 980E 42 KB
12 KB 46ms
45ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/wyndham/5ca76276e534b182c4576ce4/published/3264000/3626919/document.f5573beb4d.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec6?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-Ppjum9S4XjoaTDZ2fjqCqwOklfMsNQJSSXewTHN4rvxOcsxVjg_RYiHUX8HydhQmF0C0R6MZrr-mAUOJ_LJFfpTCvT4V6Bkt7eT1U-ceKNvzuTRP_NOv6XteFGv-LwF8ZqsRGaR6uaDEReSpZr6egllED11BMELcSXK34z7bM3dRNuTzCoNLI_iwhf2HqQKXlZL6EXdU2EsllnIhenwDGLZF2RlD-F_iNy5BVWaGt9VAN3SAUsIbra_Y4LByY58D1mF1VwXSe-0400K08JnaTYSRNFCVBcT0CSUY39okpeaZ3VStLKeM9STAP6aMmOlS8xwQASwDHsDhVLvv2P9cqHuDlt22BDGPlh-MguLosstWSYfix7OzLy1_zNmelCYYeBIDhmT78JCK-mbxX-mx5d8-T7f7B5fItzmMKWfI2cx95pzq8M3JZG_19qgKY0GDBhT9oUVgnG9WJk154nwQGoI_m1W-OrrMw6IkxnlikzofDL3WxP4KuUmFb6SYVkso70_QmJupA3eo9iCiOK6cHpc6y_pB6TNab-0qVB4NZ1fwJkrlYkpxYe027i8n19ZhFCqJzmx4Q6Th8BxPLcCBszzIYeUmr2JwRyKNcVSXshtXCkPpgGA-NVbhS2EtJ8xg94rV3ZCoH6xgj1aLHxngJMif21eA6Oz-uTQ5HiLOLNEQ8HskBoRprm3li7bEv3U03du9WAv5fck6Mz2EOMjEwEoLUhUtYf3mhYYOVz1ouB7I6e2P_NODgahfBehGF62zXq4i1lnjRw83fG3pm4q8T_Z__Ute0x2osRXie4Z-N28pq8KglxVvNgRo3yllBKjrNm4nfT4OBPEf6LObsc6DnDLITi1KzPXGPBhF-jfKUed3pWvtTO5_9J8PPQz0YggBC221n4dzE2LmV8vM6BIXfK54nfvFc-p3eW1PKhzXrp1AgjGQid9pgJLUPXvdUfrN_e9GvZDCuu-wDc3xrGIOhDdeWKiU0JDI0n5fVqyBaGFkHPOJvgcXLsAU27Cre-W9I2zzmkuVh2fUf960XfAjurs_N6BUpCVxLh7RJZHeAsYK3GZgcmINcC7UmIZn0RV40LWlFAnM63yv1QEaylY4zpd79j3ikcwFsgWOsAJhxlYg9W_nM6HPu3LVF1IZmB6eLrEaxstiZE_R-55zKkmDA0Ue-ESsYgazwE2_Ar8NqKpVvQSx-0MOwAg7oyVi_c1bFXMRrHBvr35aK84_s6FxWyNe-5uxAJ7b%26sai%3DAMfl-YTyLQ6SYdqDmwc6RWthPIFwDbz0Qa9z_NJCyLBfmSTnHF-_CJhPzEUHqanw1qW05ZpiNjfvAeXbKituKSF-yoA1yJuwdU9exmZZtBw_QAMfQ7mgqqCk46Lehd1wSSU1k-RoMtcFD1-VbANs7ok51eJrnSB07x5lGba0gfG69ZOzi2umViZ8LdNsumH2j9fF0lt9wfMoytQJMXbIByrBGnunj6-2EqJW6KKniHoAF_CEneE%26sig%3DCg0ArKJSzCHSjyivX5ZyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a50c9cb014424b7db56e8a332f45e7abab33e748e9e1e68191200b046574f708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 9Vc7603wfhccfLgBpOFgug==
age: 39885
cf-polished: origSize=46359
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 25 Oct 2022 09:43:19 GMT
server: cloudflare
etag: W/"0x8DAB66D5958F91E"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ff4e721f-501e-006f-277d-e8e7d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 75ff6a488ddd6927-FRA

GET
H2 200 animated-creative.7d3532d5d831411823fd.js Show response
c.bannerflow.net/scripts/ Frame 980E 145 KB
50 KB 53ms
52ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.7d3532d5d831411823fd.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec6?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-Ppjum9S4XjoaTDZ2fjqCqwOklfMsNQJSSXewTHN4rvxOcsxVjg_RYiHUX8HydhQmF0C0R6MZrr-mAUOJ_LJFfpTCvT4V6Bkt7eT1U-ceKNvzuTRP_NOv6XteFGv-LwF8ZqsRGaR6uaDEReSpZr6egllED11BMELcSXK34z7bM3dRNuTzCoNLI_iwhf2HqQKXlZL6EXdU2EsllnIhenwDGLZF2RlD-F_iNy5BVWaGt9VAN3SAUsIbra_Y4LByY58D1mF1VwXSe-0400K08JnaTYSRNFCVBcT0CSUY39okpeaZ3VStLKeM9STAP6aMmOlS8xwQASwDHsDhVLvv2P9cqHuDlt22BDGPlh-MguLosstWSYfix7OzLy1_zNmelCYYeBIDhmT78JCK-mbxX-mx5d8-T7f7B5fItzmMKWfI2cx95pzq8M3JZG_19qgKY0GDBhT9oUVgnG9WJk154nwQGoI_m1W-OrrMw6IkxnlikzofDL3WxP4KuUmFb6SYVkso70_QmJupA3eo9iCiOK6cHpc6y_pB6TNab-0qVB4NZ1fwJkrlYkpxYe027i8n19ZhFCqJzmx4Q6Th8BxPLcCBszzIYeUmr2JwRyKNcVSXshtXCkPpgGA-NVbhS2EtJ8xg94rV3ZCoH6xgj1aLHxngJMif21eA6Oz-uTQ5HiLOLNEQ8HskBoRprm3li7bEv3U03du9WAv5fck6Mz2EOMjEwEoLUhUtYf3mhYYOVz1ouB7I6e2P_NODgahfBehGF62zXq4i1lnjRw83fG3pm4q8T_Z__Ute0x2osRXie4Z-N28pq8KglxVvNgRo3yllBKjrNm4nfT4OBPEf6LObsc6DnDLITi1KzPXGPBhF-jfKUed3pWvtTO5_9J8PPQz0YggBC221n4dzE2LmV8vM6BIXfK54nfvFc-p3eW1PKhzXrp1AgjGQid9pgJLUPXvdUfrN_e9GvZDCuu-wDc3xrGIOhDdeWKiU0JDI0n5fVqyBaGFkHPOJvgcXLsAU27Cre-W9I2zzmkuVh2fUf960XfAjurs_N6BUpCVxLh7RJZHeAsYK3GZgcmINcC7UmIZn0RV40LWlFAnM63yv1QEaylY4zpd79j3ikcwFsgWOsAJhxlYg9W_nM6HPu3LVF1IZmB6eLrEaxstiZE_R-55zKkmDA0Ue-ESsYgazwE2_Ar8NqKpVvQSx-0MOwAg7oyVi_c1bFXMRrHBvr35aK84_s6FxWyNe-5uxAJ7b%26sai%3DAMfl-YTyLQ6SYdqDmwc6RWthPIFwDbz0Qa9z_NJCyLBfmSTnHF-_CJhPzEUHqanw1qW05ZpiNjfvAeXbKituKSF-yoA1yJuwdU9exmZZtBw_QAMfQ7mgqqCk46Lehd1wSSU1k-RoMtcFD1-VbANs7ok51eJrnSB07x5lGba0gfG69ZOzi2umViZ8LdNsumH2j9fF0lt9wfMoytQJMXbIByrBGnunj6-2EqJW6KKniHoAF_CEneE%26sig%3DCg0ArKJSzCHSjyivX5ZyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36713bc6dbb8bf44ab850f0a60dd5a6e620c0e1c42457d2aac3b408c41464498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 6qcXiNw8dI7Df/JwueIIgQ==
age: 134921
cf-polished: origSize=148791
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 20 Oct 2022 08:50:20 GMT
server: cloudflare
etag: W/"0x8DAB2781EAD9551"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 78bc8f84-d01e-005e-32a0-e706c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 75ff6a488dde6927-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4976 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 22:34:24 GMT
expires: Wed, 25 Oct 2023 22:34:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FCE 783 B
536 B 54ms
53ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6862e49e74c92626fa17b0d77b7e4f87d0d06f9fd634aa75eb34738e6c5c21d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4W_6KXJseOuVy1aJ19RQkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-4W_6KXJseOuVy1aJ19RQkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:28:25 GMT
expires: Wed, 26 Oct 2022 01:28:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 22966020_G.png
wpgx.images.worldnow.com/images/ 68 KB
68 KB 60ms
59ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/22966020_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32650a9b093f28dc490abf5176328505a04ee788c754f3a1b9a73d66fcfe8a8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 69455
cf-resized: internal=ok/h q=0 n=14 c=25 v=2022.9.7 l=69455
last-modified: Fri, 08 Jul 2022 15:50:38 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfG0HvZ5ZIqxyXK5uGSL1asg:ece14f95fdd13fa1b7576bd968937f7f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a48ac06bb65-FRA

GET
H2 200 23010093_G.png
wpgx.images.worldnow.com/images/ 136 KB
136 KB 51ms
51ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/23010093_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17985959910799acd222feb28e36d3a95e0c147fe60f84357fd1858258f5d9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 138785
cf-resized: internal=ok/h q=0 n=14 c=28 v=2022.8.4 l=138785
last-modified: Mon, 18 Jul 2022 15:01:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfpwFQXbVrUGiq_aIskkweFA:77b69c44ed8ff649c29adf498775d93e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a48ac08bb65-FRA

GET
H2 200 23424443_G.png
wpgx.images.worldnow.com/images/ 95 KB
95 KB 57ms
56ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/23424443_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc292134380271405ccac0796b2499577265795b812f138812b66c90d7d843a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 97198
cf-resized: internal=ok/h q=0 n=21 c=43 v=2022.9.7 l=97198
last-modified: Fri, 30 Sep 2022 13:00:33 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfEssTN45z398XQQlR17EYiQ:1d5df1c886a6690e38d7e5c953ade88c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a48ac09bb65-FRA

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame A260 10 KB
10 KB 45ms
43ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fwyndham%2F5ca76276e534b182c4576ce4%2Fimages%2F17622ef9-c27e-4315-8b02-92430d4d3ba4.jpg&w=300&h=250&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b4d6cd5e85ea1ce05090355b4400c5e1e3dfb2e98507d0b5e8542c0f878136

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:23:36 GMT
api-supported-versions: 2.0
server: cloudflare
age: 39889
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 75ff6a48ee376927-FRA
content-length: 9754
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame A260 1 KB
1 KB 46ms
45ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fwyndham%2F5ca76276e534b182c4576ce4%2Fimages%2Fed6d4b8a-09ff-4fb5-8481-827b486b7231.png&w=82&h=53&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cdf00324c14696672d71ebaf1fcb420c0caf205537a1c28612f19a92bd163ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:18:12 GMT
api-supported-versions: 2.0
server: cloudflare
age: 40213
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 75ff6a48ee396927-FRA
content-length: 1246
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 gsap.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 3589 60 KB
25 KB 46ms
45ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/gsap.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: WyDhubHD6tBc1sDDhRKFJg==
age: 6332
x-ms-lease-status: unlocked
last-modified: Thu, 22 Oct 2020 09:07:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eb744e55-501e-00a4-7be5-10e480000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 75ff6a491e5b6927-FRA

GET
H2 200 TextPlugin.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 3589 10 KB
4 KB 44ms
43ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/TextPlugin.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3169b2726b5c785026813413eb505d88cb3b8d95f899b66153624266a9ef503

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DOn//7fLVTPV/pYjKJokUQ==
age: 4610
x-ms-lease-status: unlocked
last-modified: Tue, 26 Apr 2022 11:12:28 GMT
server: cloudflare
etag: W/"0x8DA2775A64AD9B9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 58228d1f-a01e-0009-4a06-c4a8f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 75ff6a491e5d6927-FRA

GET
H2 200 MotionPathPlugin.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 3589 20 KB
10 KB 48ms
47ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/MotionPathPlugin.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: QyV10aQjskvJeMWugUJ9Sg==
age: 5829
x-ms-lease-status: unlocked
last-modified: Tue, 26 Apr 2022 11:11:52 GMT
server: cloudflare
etag: W/"0x8DA277591530E37"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d45fdd8e-c01e-0030-3b61-c353e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 75ff6a491e5e6927-FRA

GET
H2 200 ScrollToPlugin.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 3589 3 KB
2 KB 48ms
48ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/ScrollToPlugin.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b80b934f3f4c2332dd8d77abd1354233647dfb138eec1c4f5a9c07fd69651a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: RCeckZr9ahjy1CSocLy88Q==
age: 1917
x-ms-lease-status: unlocked
last-modified: Tue, 26 Apr 2022 11:12:06 GMT
server: cloudflare
etag: W/"0x8DA277599529108"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 78428f1c-501e-008b-5f06-c4e94b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 75ff6a491e5f6927-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FCE 0
0 72ms
71ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=2034772372501708&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4976 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 10:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 10:36:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 655D 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssObC71S--i-YWwYnr9TKLmPrrUfsUu6HsJWsAQlsMELsg5iqrlDvd78GSfEZHYJNwfCb5sofBdN18fzZL2vgxk4oSnfbzQKlnjcIr-kflvdUmkhJ-tLyT3ZTZLcyPBZZg5t1L6msw&sai=AMfl-YSch4qSMAa3Q3V4B24O2-ywbikFt9oS5Oe0o8pcFTdjFymE9rdQno3ZFEflJP4jInt2ik8Rj8SccgCrhc62hqC5QDgPowP9weyeAOCDBhUyXsmr2vuXAoav3YBqd6iqhA&sig=Cg0ArKJSzCz2m-9vLROdEAE&cid=CAASJ-RovCCVTWpvHoZFjTuYdQaUWKCQcjHJOE12RvyraXaZAD67H2VWcg&id=lidar2&mcvt=1002&p=876,256,966,984&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3909097108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666747704491&rpt=298&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 8DA0 2 KB
3 KB 45ms
45ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b7b0cad6817397694e95d66%2F5ca76276e534b182c4576ce4%2F9626af95-9ebc-43f2-a701-a0b25ab65e2b.woff%3Fr%3D0.8056212241193335&t=%0A%20ADLWabcdehinorstu
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17933889851304706048/Whereveryouradventuretakesyou-WHRGerman-Deutsch-300x250-638022878363958639-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9d99c14680ec0930378e14ef3568ed175cd6ab9abcc351abe85161f48526b8

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:22:48 GMT
server: cloudflare
age: 39937
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=9626af95-9ebc-43f2-a701-a0b25ab65e2b-subset.woff?r=0
cf-ray: 75ff6a497fef9188-FRA
expires: Wed, 25 Oct 2023 14:22:48 GMT

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 8DA0 0
81 B 60ms
60ms Ping
text/plain 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec2?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu24kR0vfbX2j1aqMxdZ0BtccsYJLBuvJUajQ2yRL9wQS6Oi68irJGD2Ualuto7mMYHB_Co0rf__kSxEj2CgFx96bFm98a3KhZfEvDYEvZqYkKJWo1vKB-axDY-E-L0Whakd3LYv5_-3HbAndTkb2FKFjI8aPVMAA19k_TZfHwNv9yXzOyRukUyKw0eQyYyun8S9Aen3J8CvB-gUvc6Ah8_stjX7zH2PeH_q54MGZscLfphmWqIUR8ihCuUZqBOL67QouzAe6qW_TJKtKFEptkG5QuFpA3TY61F_Jtev6btoNltn_cPZ2iH-KpOO8at0rBll3-SSLC2Y46PMBwgT9pjBs1hT16FWxW9F6c-8SCoMcaHCSdzZVBwvdXUcN26iy2PVWNZf8eZME20tvnfLgpGLNnH714QgjkF9mFad7jbTk40MuhN5qQ7zux144HVuZme7WF7gH7rwLpXhH6aaELGSae81173YlgggQsKTtjQ6OnDbBhjWNh-1ykJHLqWCODoyckDb0N8Cbm8Gc1GEwTbm5aS6_rzOALLCFN9vVQmpwMA1UBFF4Fx1aboYkqAqKWcw2zc4scbB1_TRfTIS1hzZvMGzYEOijMSjqzBTpgzE855RSCwCdzT8FdvP0cKnNORk5sKONml9szp_ToeQSryoOgzLTSLrdEy9esX4UpQennxYeZA2NWUGJvAWEaKL-NPQjPnlj1g3Ew5mEyx4_2v62GKxW_C4eWTHp-FKqGxib60_mfPLVyu-32KOZR05NuWaGHAJkD2pgxWiSDp5pxceSaY3edxGk35F9gSYNIy8BFrfcOhx3oMSt8I9OYwi3OU0XAKPuzIO6DpVaBz3P5bXbXshAgj3OjOu7vbFNzVy8-iGvKvOoCFmotr2J49Qpusm0uxcUyniNYwf1rISlA0N2C85oQXsdBYgcbzSzMKaPhiyszGqitCmOKpR5Tynz5rNKaJXa6WTPhFeh0sWA4lEKHmfAbmUsa2NIFxCKRwr5qNDslMrn61Jrv5NvZssDBVTTUtzvG3d8p7kje42TbyYl_oVNydjS81eE3cBDI4nRDt1MnRe6csezRyQ67SFQFgdZNt2lALmFMKbOjDCZk6htv1APm3RztU1vW0van-8Tijtxwy_8vqKjmgNBFaOHnigkg09O5BfW3gGHPOMfOue9cWTH3nn22CESbqlCdmRidoIqKF4c8C5zJCmd8yvlr-Er0nWsKX8TS_nXERdX7ohXa-BL1vYAyTsXblR08hRbLsArQxNCv3Rz0%26sai%3DAMfl-YTu1gfRpveNWPFCsrxmSk67O8mUFpfFy94UnGMUtGoQzPONv8alfTZMRGoJeBhOcQv9r1XM9zjd8v9H09vddO9i0plPjNd4mjNNcE8GDCGFgTh2e7c5dFnG9hxNGFUq_pLmWEMDNBOjoMoDIAyRUxXMOOf-H3wteNVNJov_aJ0iBB1kjS2GLKQ-z4J0Wyuhea2rMF07lqc93qik3kDmfOQjgBtnqy3u_A6TZbwNHT3YVo4%26sig%3DCg0ArKJSzBOkrvLlfQeEEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ff6a49cf116927-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
DATA 200
OK truncated
/ Frame 980E 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK b6ab8348-891d-4c31-bc27-389bfefadd5c Show response
https://s0.2mdn.net/ Frame 960D 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/b6ab8348-891d-4c31-bc27-389bfefadd5c
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.7d3532d5d831411823fd.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 668

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 980E 5 KB
5 KB 45ms
44ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b7b0cad6817397694e95d66%2F5ca76276e534b182c4576ce4%2F9626af95-9ebc-43f2-a701-a0b25ab65e2b.woff&t=%20.059BCDEHIJLMNPRSTUWZabcdefghiklmnorstuwyz%C3%9C%C3%A4%C3%BC
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6041290610302779392/Whereveryouradventuretakesyou-WHRGerman-Deutsch-728x90-638022878323086302-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 738ba940d2f96c4ba689b37e254626268b917aa54d11b8ca79f37e95acd31ee6

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:22:47 GMT
server: cloudflare
age: 39938
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=9626af95-9ebc-43f2-a701-a0b25ab65e2b-subset.woff
cf-ray: 75ff6a4a08a09188-FRA
expires: Wed, 25 Oct 2023 14:22:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4976 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e6wxUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame CC17 3 KB
3 KB 46ms
45ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fwyndham%2F5ca76276e534b182c4576ce4%2Fimages%2F31093acf-656b-4ce7-884f-16f38138a4c5.jpg&w=728&h=90&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2aaf631432a3c985073310d54bae12f3b6f2b6f6b872b21349e1517b12b22f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:23:41 GMT
api-supported-versions: 2.0
server: cloudflare
age: 39884
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 75ff6a4a7fcc6927-FRA
content-length: 2880
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame CC17 3 KB
3 KB 45ms
45ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fwyndham%2F5ca76276e534b182c4576ce4%2Fimages%2Fed6d4b8a-09ff-4fb5-8481-827b486b7231.png&w=176&h=74&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e94b9245bd85aeac3d56c187b0c96df8a6ec52a604829075c3cc880c8a633e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:23:41 GMT
api-supported-versions: 2.0
server: cloudflare
age: 39884
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 75ff6a4a7fcd6927-FRA
content-length: 3238
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 gsap.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 77AB 60 KB
24 KB 54ms
53ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/gsap.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:26 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: WyDhubHD6tBc1sDDhRKFJg==
age: 6333
x-ms-lease-status: unlocked
last-modified: Thu, 22 Oct 2020 09:07:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eb744e55-501e-00a4-7be5-10e480000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 75ff6a4a9feb6927-FRA

GET
H2 200 TextPlugin.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 77AB 10 KB
3 KB 51ms
50ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/TextPlugin.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3169b2726b5c785026813413eb505d88cb3b8d95f899b66153624266a9ef503

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:26 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DOn//7fLVTPV/pYjKJokUQ==
age: 4611
x-ms-lease-status: unlocked
last-modified: Tue, 26 Apr 2022 11:12:28 GMT
server: cloudflare
etag: W/"0x8DA2775A64AD9B9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 58228d1f-a01e-0009-4a06-c4a8f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 75ff6a4a9fed6927-FRA

GET
H2 200 MotionPathPlugin.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 77AB 20 KB
9 KB 50ms
49ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/MotionPathPlugin.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:26 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: QyV10aQjskvJeMWugUJ9Sg==
age: 5830
x-ms-lease-status: unlocked
last-modified: Tue, 26 Apr 2022 11:11:52 GMT
server: cloudflare
etag: W/"0x8DA277591530E37"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d45fdd8e-c01e-0030-3b61-c353e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 75ff6a4a9fef6927-FRA

GET
H2 200 ScrollToPlugin.min.js Show response
c.bannerflow.net/misc/libs/gsap/3.5.1/ Frame 77AB 3 KB
2 KB 53ms
52ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/misc/libs/gsap/3.5.1/ScrollToPlugin.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.5e7c39891aa8163ae299.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b80b934f3f4c2332dd8d77abd1354233647dfb138eec1c4f5a9c07fd69651a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:28:26 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: RCeckZr9ahjy1CSocLy88Q==
age: 1918
x-ms-lease-status: unlocked
last-modified: Tue, 26 Apr 2022 11:12:06 GMT
server: cloudflare
etag: W/"0x8DA277599529108"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 78428f1c-501e-008b-5f06-c4e94b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 75ff6a4a9ff06927-FRA

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 980E 2 KB
3 KB 43ms
43ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5b7b0cad6817397694e95d66%2F5ca76276e534b182c4576ce4%2F9626af95-9ebc-43f2-a701-a0b25ab65e2b.woff%3Fr%3D0.09890369228934537&t=%0A%20ADLWabcdehinorstu
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6041290610302779392/Whereveryouradventuretakesyou-WHRGerman-Deutsch-728x90-638022878323086302-3b4e030a-4fc7-45c9-9e5f-a4d99fe7cffc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faebcb2f011aa91a01e837c7fdcdfc07863f5ecf9f61b1a8e53ae2ecf6eac46f

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:26 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 14:23:46 GMT
server: cloudflare
age: 39880
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=9626af95-9ebc-43f2-a701-a0b25ab65e2b-subset.woff?r=0
cf-ray: 75ff6a4ae9c29188-FRA
expires: Wed, 25 Oct 2023 14:23:46 GMT

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 980E 0
33 B 63ms
63ms Ping
text/plain 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6357afa5f52d7b5d4dd9fec6?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-Ppjum9S4XjoaTDZ2fjqCqwOklfMsNQJSSXewTHN4rvxOcsxVjg_RYiHUX8HydhQmF0C0R6MZrr-mAUOJ_LJFfpTCvT4V6Bkt7eT1U-ceKNvzuTRP_NOv6XteFGv-LwF8ZqsRGaR6uaDEReSpZr6egllED11BMELcSXK34z7bM3dRNuTzCoNLI_iwhf2HqQKXlZL6EXdU2EsllnIhenwDGLZF2RlD-F_iNy5BVWaGt9VAN3SAUsIbra_Y4LByY58D1mF1VwXSe-0400K08JnaTYSRNFCVBcT0CSUY39okpeaZ3VStLKeM9STAP6aMmOlS8xwQASwDHsDhVLvv2P9cqHuDlt22BDGPlh-MguLosstWSYfix7OzLy1_zNmelCYYeBIDhmT78JCK-mbxX-mx5d8-T7f7B5fItzmMKWfI2cx95pzq8M3JZG_19qgKY0GDBhT9oUVgnG9WJk154nwQGoI_m1W-OrrMw6IkxnlikzofDL3WxP4KuUmFb6SYVkso70_QmJupA3eo9iCiOK6cHpc6y_pB6TNab-0qVB4NZ1fwJkrlYkpxYe027i8n19ZhFCqJzmx4Q6Th8BxPLcCBszzIYeUmr2JwRyKNcVSXshtXCkPpgGA-NVbhS2EtJ8xg94rV3ZCoH6xgj1aLHxngJMif21eA6Oz-uTQ5HiLOLNEQ8HskBoRprm3li7bEv3U03du9WAv5fck6Mz2EOMjEwEoLUhUtYf3mhYYOVz1ouB7I6e2P_NODgahfBehGF62zXq4i1lnjRw83fG3pm4q8T_Z__Ute0x2osRXie4Z-N28pq8KglxVvNgRo3yllBKjrNm4nfT4OBPEf6LObsc6DnDLITi1KzPXGPBhF-jfKUed3pWvtTO5_9J8PPQz0YggBC221n4dzE2LmV8vM6BIXfK54nfvFc-p3eW1PKhzXrp1AgjGQid9pgJLUPXvdUfrN_e9GvZDCuu-wDc3xrGIOhDdeWKiU0JDI0n5fVqyBaGFkHPOJvgcXLsAU27Cre-W9I2zzmkuVh2fUf960XfAjurs_N6BUpCVxLh7RJZHeAsYK3GZgcmINcC7UmIZn0RV40LWlFAnM63yv1QEaylY4zpd79j3ikcwFsgWOsAJhxlYg9W_nM6HPu3LVF1IZmB6eLrEaxstiZE_R-55zKkmDA0Ue-ESsYgazwE2_Ar8NqKpVvQSx-0MOwAg7oyVi_c1bFXMRrHBvr35aK84_s6FxWyNe-5uxAJ7b%26sai%3DAMfl-YTyLQ6SYdqDmwc6RWthPIFwDbz0Qa9z_NJCyLBfmSTnHF-_CJhPzEUHqanw1qW05ZpiNjfvAeXbKituKSF-yoA1yJuwdU9exmZZtBw_QAMfQ7mgqqCk46Lehd1wSSU1k-RoMtcFD1-VbANs7ok51eJrnSB07x5lGba0gfG69ZOzi2umViZ8LdNsumH2j9fF0lt9wfMoytQJMXbIByrBGnunj6-2EqJW6KKniHoAF_CEneE%26sig%3DCg0ArKJSzCHSjyivX5ZyEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D6653327%26adurl%3Dhttps%253A%252F%252Fwww.wyndhamhotels.com%252Fde-de%253Fcid%253DDP%253A1ichz21masfns8n%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 01:28:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ff6a4b38e96927-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 852 B
615 B 61ms
60ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32320

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ef29e5fb3704a23100a152e1f002fe74adc5836a96ede767271684a38aa034e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 299
x-dns-prefetch-control: off
content-length: 462
x-xss-protection: 1; mode=block
x-response-time: 1460ms
server: cloudflare
etag: W/"354-jRKgAuIuHYZPmYKPBKlBgSWqXPU"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff6a4ba8a39b21-FRA
expires: Wed, 26 Oct 2022 01:31:26 GMT

GET
H2 200 29_partlycloudy_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
2 KB 48ms
47ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/29_partlycloudy_night.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b83e17e6448f888d6fa1c118494b0d85b60e7072f64a340c46a2bb4d9ca8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:26 GMT
cf-cache-status: HIT
x-amz-request-id: 8HVXHVHNJQCFC2CR
age: 303
content-length: 1965
x-amz-id-2: Mj5/Dt+z0rLBDv2iOA8UI1ycYJo1Au6tx8wOMFoCfFFEz/gMQ/8gZ9tRw65kX5ILvdq+afJxp0s=
last-modified: Tue, 03 Mar 2020 16:10:24 GMT
server: cloudflare
etag: "60f42bc1d3ce24349624b79db059a7e3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a4bab669bc4-FRA
expires: Wed, 26 Oct 2022 05:28:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFE3 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSSCBz20fENVl49k2VJ4hlkySpEyFjG2ocTZfeutJJk0MIUo2lcemyEBz0wJv3QNOFr3yVbzMSqinXCMFBOcECXrWf2ocPo5IiTRaRVNNAKnxsxsz3gesGMNjkdkD33sJrc4WafsI&sai=AMfl-YSUFow0ByZwf1UQZAPcYfxIU7yF2oPrM0GkOx8pFhFVNMfcNu9HiBHXbj_4zQI8Ac7LCTKnaPyMAhc4KWLg84xkw-QO-uY3ABZI-8zie5XtQA2MX94i_MtvWih0f10UmA&sig=Cg0ArKJSzMNNQSyXAq_-EAE&cid=CAASJ-Ro-ek8DFtDfLRsMJR99aw9A3RfX2EjAngyiFf_QMvOwKLYXP3nBg&id=lidar2&mcvt=1001&p=160,436,250,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3379187505&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666747704940&rpt=292&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:28:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=2034772372501708&bg=!Dg2lDUnNAAaaxvStusY7ACkAdvg8Wld6hodtHIdnqpdo-yhaRQOz1hYTszj5GBIuW-1yRmQCYeQMZgIAAABhUgAAAARoAQcKALOe9DSLVg3uZA22QldmTtAt-tyFecbx8SIlXJYGk4lBLuPuTGk4h00B1IZBDaqHMSdUY9lGqZILyMvH1ReveBKmRQ82GwQiBsSWJlw5kCrmsHx_773BbdPS_F4DOnSFUogt38APnqnu3tN17jVC0NKGw79Xcf0CGtOV9oPE2YscTz0zZ6xhMtkqMtf64IM7DggCKyFgsGiGgXud8T5SWqq-EEg_PmQQnbm3UQDtYIUKk9yYM5kCpzWqvKE2ZLsSdQ7cDg0Xqq01ikQan79U6sgeYRHgojOZvXqWjirUXoCotoNNHcy5Hu0u2B5qq4ixhZLPaHrIJcb8xPU6ndSThUMBCtPKzUbLua7Lvf-jaZzZeqjjbD7xsGVksKBQRGk9IK6R8MXjRDqe0U2p2QYalXHtaEh7_nPnYQbJx1uJrMhh66ev_w6eNOUVCbY64E15YWv-TXK7TGV2ePxRW91siiKPNDfrkSEd8MFjiXz0U2fDMIkgtdK-SX2HH-5JDcPP6UCUYa7Q4JQtLLbVXPqp1LScQDBW4tUQTYMEfPKBX61AaocfviRVPdPSsAYqG62zD-zH2g8RKdxURU7qKXvhVIQ12144xIic0C-e5fyYTVUvsN4ShW8GxtnoZGXo98vzzD2Y1kIq_pSAAh3ZkJF-yvZB7BI3V-Ngl-Dq_lrh3C2OL8_FVizfhfM8t6upJsLBSRI9srqwVC474O0sAcoxCU9fRJlnEnMTAVUQtbMvc1wpcrY84ISYCzwde2VtvzWwlftPHWiMpqGToOp9DOhqNgO3GcEmkYqf8hc0k4gqyseEBL1_loExgHzgEqiSGERZ8U3bXp6Ma5jsOxlrjU_rSyRjWcKTF-4jhyxfyyeu_vDH0VJxK0qB9I_P2J1JsOsGDF-WzGTCYefQgl3P9rTZfyyHgtC60p-pUzIktziEl6ukHn_89yAic962vv_4SYjKGmSoRfHbaju-FMJYxZVfxLpZkvCOfMn8_-xNqwQodllKd4Ccn_KsoqQmcmmLzMPh2rDiFBUJz85u6eMt2g8FRjbF401QOhqvSKLsTXydoT9jEi20YSlPSlhbCbnsH3FfHKlyI8vfJJYVs72pyDBI1M9wfXtmRVlnhBL4t85OYuRoLFFq5j88IiMt-ssEH_U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 19479412_G.png
wpgx.images.worldnow.com/images/ 321 KB
321 KB 52ms
51ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479412_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b73c055fd5a37e9ab84a5dd3f0e2384d04d6a299e156eacca96c7724599af2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 328440
cf-resized: internal=ok/h q=0 n=67 c=6+206 v=2022.10.4 l=328440
last-modified: Tue, 09 Jun 2020 16:42:21 GMT
cf-bgj: imgq:82,h2pri
server: cloudflare
etag: "cfFwhFQ01DS4BM3kxwHNSVQw:0d8c7c54f779e2c0c8f4dfdf98327c4d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff6a57cd25bb65-FRA

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 8F70 0
210 B 150ms
45ms Ping
text/plain 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=7d09d7d75d574dda8b578fc26f6b08e5&gdpr=&gdpr_consent=&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=260&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=179&tetms=6&msltms=87&vltms=260&sei=289&vetms=4&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=786824&msrcannum=4&ismms=35&isumms=35&nvr=2&isgmmims=35&isgmv4mims=35&elmtp=3&isbxdms=3036&b0=3157&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3157&sftb=3157&msrdp=1&naral=786432&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=34&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3295&cbust=1666747708394186
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 26 Oct 2022 01:28:26 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 10/25/2022 01:28:28

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 856 B
617 B 59ms
59ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32536

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155fde42ba9c42a28fa8f094c9f539db9ea6048d70f5a2922061ddd2939cc400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 299
x-dns-prefetch-control: off
content-length: 466
x-xss-protection: 1; mode=block
x-response-time: 1056ms
server: cloudflare
etag: W/"358-RNoaD0BPvnYEu1M7GzlykzDb09k"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff6a5e6abf9b21-FRA
expires: Wed, 26 Oct 2022 01:31:29 GMT

Verdicts & Comments Add Verdict or Comment

393 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga_L9W7PFFC9X Value: GS1.1.1666747702.1.0.1666747702.0.0.0
.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga Value: GA1.1.1269501530.1666747703
www.wpgxfox28.com/	1970-01-20 16:35:07	Name: _lang Value: en
.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga_frankly Value: GA1.2.1269501530.1666747703
.wpgxfox28.com/	1970-01-20 07:00:34	Name: _ga_frankly_gid Value: GA1.2.1030010075.1666747703
.wpgxfox28.com/	1970-01-20 06:59:07	Name: _dc_gtm_UA-82494642-223 Value: 1
www.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga Value: GA1.1.1269501530.1666747703
www.wpgxfox28.com/	1970-01-20 07:00:34	Name: _gid Value: GA1.1.501018814.1666747703
.doubleclick.net/	1970-01-20 16:20:43	Name: IDE Value: AHWqTUkrEJXezAtVkb5Yu405lb5gMiJKjvyuHJVSRcuULcOl7QHd7XEXIVe9s-GFTTc
.casalemedia.com/	1970-01-20 09:08:43	Name: CMPS Value: 5284
.casalemedia.com/	1970-01-20 09:08:43	Name: CMPRO Value: 5284
.adnxs.com/	1970-01-20 09:08:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il^gI<sm!]tbPl1M>e)ZlrFUfJ+tGXxp)Fq=s[_'%KEIFu/+Sg`pXS`po.aaS81S*T]l3If)y3KL9D3I?+Lfvi(A
.adnxs.com/	1970-01-20 09:08:43	Name: uuid2 Value: 7471550238506061699
.casalemedia.com/	1970-01-20 15:44:43	Name: CMID Value: Y1iNOANsys8oSYl5GipXvAAA
.casalemedia.com/	1970-01-20 09:08:43	Name: CMTS Value: 1179
.doubleclick.net/	1970-01-20 06:59:08	Name: test_cookie Value: CheckForPermission
.wpgxfox28.com/	1970-01-20 16:20:43	Name: __gads Value: ID=c3dc4fd2e5d5914e-223461f356ce0032:T=1666747703:S=ALNI_MZiB_iwAHvz9NwsI7rB2GN8mek7ew
.wpgxfox28.com/	1970-01-20 16:20:43	Name: __gpi Value: UID=00000b7870c5ff3d:T=1666747703:RT=1666747703:S=ALNI_MYnGQLYOBk-nWy7M_f3lpsNYA8Raw
.yahoo.com/	1970-01-20 15:45:05	Name: A3 Value: d=AQABBDmNWGMCEHUhJPFkUohcaPB6u67MsJMFEgEBAQHeWWNiYwAAAAAA_eMAAA&S=AQAAAjiwR9Eu1Z6X3f_CT6-QcIM
.spotxchange.com/	1970-01-20 07:39:26	Name: audience Value: 7c93a5a6-54cd-11ed-bf00-19bfd3920306
.analytics.yahoo.com/	1970-01-20 15:44:43	Name: IDSYNC Value: 18yl~27xd

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 25) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wpgx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c1454eefe3fc78bd94b41e60de0e266.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
c.bannerflow.net
cdn.ampproject.org
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cntsyncont.images.worldnow.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ftpcontent.worldnow.com
ftpcontent6.worldnow.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
ngw-static.franklyinc.com
p.cityspark.com
pagead2.googlesyndication.com
prsubmitpresslifestyle.images.worldnow.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
stacker.images.worldnow.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
wpgx.images.worldnow.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wpgxfox28.com
142.250.184.194
142.250.186.98
18.156.0.31
185.80.39.216
185.94.180.125
2.18.232.7
20.60.81.107
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
213.254.244.26
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:271c
2606:4700:4400::6812:2776
2606:4700:4400::6812:27f7
2606:4700:4400::6812:2862
2606:4700:4400::ac40:939e
2606:4700::6810:d40
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c02::9b
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00::210:ba19
34.98.64.218
37.252.173.215
52.160.40.218
01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7
05005b26212e41e691f2d58ec6123c168a8e7806d52644c9b24df26a38a12ecf
05eb9a8ca785b646383a080703947451c7cbcaa2364fcb711cd1acfc3838a9ca
065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
070b6f7dc9b17c9ca102ce12102402b76f1022803dff1cbf977be872f82a3981
0adda642d06c3b2804a96604c9edef761749138422b773baddb31afbe7ce4d9d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
11a3b89578189234c9cce5465f44c976ceb10d89445f10361206be80a5dcbbc6
122300354c22712f0200bdf16f73af2490bf28e23bce0b82521160c8373fd262
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138428f0385e5f3f6483788b618f6f915b622f5a2b1b17689cbdce674d9b9238
155fde42ba9c42a28fa8f094c9f539db9ea6048d70f5a2922061ddd2939cc400
180f707c73f1687a2da87466d7497c011fceaec6bca87a884eb9077e1b63465f
195ed5974f767542dd0cf8aa95bd476000c8a9d93134084f9f36006f5691fde7
199e5795b09dda994fd37e7c1c711a4385628fceb25dfbaebc19d0d587e80040
1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb
2225c8a80005b622bb4a54869a719518a07c2363a82832258205d948063a71a9
2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339
24d021dba6eb9dd539de12069c42238c96535a681f9d7fc62fec5e0a10c893f8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb7ee02a42c7e43c2b4bd98eb5a1f03bee61cc33da050507ee2251724670766
2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71
2cdbb540dc7806cba6ebfc3d850f68bdda1dbac91dfee88b19490a4e475aff40
2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f
2f85cca2535f9e30486b6d13f9a6ba587466a9c639d872dd80413b5c5bab1fdc
32650a9b093f28dc490abf5176328505a04ee788c754f3a1b9a73d66fcfe8a8c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c7bc6c64cc35226f8795cce64608dde0e4f89dfbfd66d8cdbbc1fa89eee9ef
33e94b9245bd85aeac3d56c187b0c96df8a6ec52a604829075c3cc880c8a633e
340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36713bc6dbb8bf44ab850f0a60dd5a6e620c0e1c42457d2aac3b408c41464498
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3cc35ddb51674d592a93ebc7d1fa2e888c180d74852af90fe676190e165a6abf
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
3ef29e5fb3704a23100a152e1f002fe74adc5836a96ede767271684a38aa034e
3f5e44145f943b844b2310c3a19092ace4c7d916fb62c3e28fd4d794906e2e2e
4156f57c3080b420ebef3ed8d5919f91359e998ee9a1aeadce9aa5f3f53a5d4b
43e6c9037363a59716a82c7ca28495fbeb7692b6fd97854774ad491dbe4f62b2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47b4d6cd5e85ea1ce05090355b4400c5e1e3dfb2e98507d0b5e8542c0f878136
4864f6c9223feede324f8751a108b287884d9d4b114af8ab7ecf6f823afcbec3
48918968dd9a4892fb71a9f6fd0d25826f727dd379406cf755174e30cd13d81b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1ee10292e6328c4e0a9e64c0eefc31456b216fe58e7bf94ce347a3d35e8db6
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f69414a831e41a952e27a9caae5d6fff93aa91f79fa1cc727fb44c12c393d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a6f9ba1d825fcb7d2c094b4af70e130befe3928107f7843a99ed637616f5a45
5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71
5c231ba82cf5db2d23f5a2be10573b98d2148444380e387e7ca13674ffce5c91
5f138d62a5d56b269b25d58da8041bd70b9765cdd99e9c2bbb6f705b2e7790f4
5f87a793d858b61ef142b90102d40ceb8268ca3c50cc1c4d9f7b93a135c97b4b
607fb035cd784740222458bcb31a47cdc7a2031cd8029d7c827d34ca92cc45c2
60b3b81f4eb117f1fdd8ed3e93786517d87c69a7964620d36e4a895932c86631
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a
670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8
6862e49e74c92626fa17b0d77b7e4f87d0d06f9fd634aa75eb34738e6c5c21d1
6a644bae263fe0b6f0db2237db0dd4341f43b107e3ea4b99d1f0b1f615267cf9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc3f3a80e8e41ab016933c5070ef6e94dadc39d0f41abb1e2c0899f3cd93fab
70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2
734c0ba074ffcf4bd3e7d10f27abf07bd4ed00b8c9d2c245cf1420df1dbfbad7
738ba940d2f96c4ba689b37e254626268b917aa54d11b8ca79f37e95acd31ee6
784cf734171b1a5c9adb298caeeaf3a4f254e6811a9ee3d52489604e4c8e9222
789873a67a7546a54d84da02ff5d90b953a958287a07aa34bb501d0ac0c0545f
7c31a7b0990af81a279b26ca80b9c39f73e1ade39f7fd9117950b1d558e52e2c
7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6
7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865d512b0631d33b932cc8a563cb738bcddab918ef1d66057bbbab948e7e33fc
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
89b38a38aee6bf48518eca26a560a3a1000771e9ce179de042a14a89d7bbdd59
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d
8b80b934f3f4c2332dd8d77abd1354233647dfb138eec1c4f5a9c07fd69651a7
8cdf00324c14696672d71ebaf1fcb420c0caf205537a1c28612f19a92bd163ee
8e9d99c14680ec0930378e14ef3568ed175cd6ab9abcc351abe85161f48526b8
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9269e1d00da11f333cedf8d2a21a22c6475e377ae0bb2f03d99b94a2e1cded2f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
98818d35d4c98fa17afc5b59d080fefa902ea8c8ca10601591eca13b65f6c2d2
9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf
9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed
9ddf568f70123e07d50cb4bb2fd5f687c105e6cb814a8914cfbdfd736ab73f12
9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a34c08596a05648761e7c8ce459c1dfdb8e241d6d29a669e9db29335a8354f9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a
a50c9cb014424b7db56e8a332f45e7abab33e748e9e1e68191200b046574f708
a5e2a7741be63f59de3c7649731a377fe6b2f4dafa1750a924811dd45f73a54d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a899e5cc1f47a105acb478a44a08cd5553fa49af2991ef1d7019dc09c6ffbdcb
a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e
a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024
aa07d80aec8be3bb2ab5e5872b20e5cb3d480c890e05546c57d2d48042977d8c
aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1
ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db
ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d598cb92aa54d28e5d648b5ea6e9abbdec81fe68a0001a654f5761762c64e7
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8d155725fe88d694620d079e6e05f63984d946ce379b51e4479b484e3081059
b95c677f19a0451051a4c1f580f1d8fbba9f2cde9c706d252fe9cea9f5c28319
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bbd1f06ab933d73d6dd182a9b80fcd0962ee2878eaa5a3340b1684c07e7449ca
be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f
c17985959910799acd222feb28e36d3a95e0c147fe60f84357fd1858258f5d9b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c16cae7de7a79ac3a5404b76dabb5ba25708562ce7767a6113f08d17c70f74
c6ddabeb976913897ca54d1d652b79a4cfb338271bdc878f983a34c186b53304
c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdbfc79eb2d21f053b4ddf353cc46aecb68a876785c2cc63326bd204e9f6c982
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1aa5c86352e48d6415ab98b5bfc01024bd68462615cc0793d90aba2e07533ae
d276300072ba9ba3c91c2af4c51b1035dd957da6f6545a94eaf713b67996b47f
d2aaf631432a3c985073310d54bae12f3b6f2b6f6b872b21349e1517b12b22f9
d3169b2726b5c785026813413eb505d88cb3b8d95f899b66153624266a9ef503
d508be1fb171ffb37b228b3c1db7619abff73786c9e2099b5113c86e7e03f236
d763b8b9af61e7b395e36132461f3cfdbeaf7d83940df5f59a657f21dfe28fba
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d860e91242b6b2dbc46a04b545ddbcc4a53a01d7343dcb9d011bf8853a441a7f
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d99171489f4050fea6a4c2440c9d0337f8ae8b2bedb7116587687621d85d7261
dc292134380271405ccac0796b2499577265795b812f138812b66c90d7d843a3
df3068434ac581e45c5c916c93166ed2d95a488e7d66e06707239a37ad6f26f5
e0fb3d0760ea5f33c6a28d618ec802eaf11d3c6b298e284ba7403af714c7dd93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4b73c055fd5a37e9ab84a5dd3f0e2384d04d6a299e156eacca96c7724599af2
e560a0b23dc990ed9eff45afb20ffc3f6d072b3f2762fe6b122c1f2546759c97
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e1b6ea43a23f536d217359781937fc558a0fa398203e835688cfd2ba334f0c
e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b83e17e6448f888d6fa1c118494b0d85b60e7072f64a340c46a2bb4d9ca8e6
f906f2a90975f9fe4abb542dd9fd4d698c6ff656c66de9626b28d07c44ab0ecd
faebcb2f011aa91a01e837c7fdcdfc07863f5ecf9f61b1a8e53ae2ecf6eac46f
fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b

www.wpgxfox28.com Open in urlscan Pro 2606:4700:4400::6812:27f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

250 Requests

96 %HTTPS

73 %IPv6

28 Domains

46 Subdomains

41 IPs

5 Countries

6736 kBTransfer

17154 kBSize

21 Cookies

32 Outgoing links

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wpgxfox28.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

96 %
HTTPS

73 %
IPv6

28
Domains

46
Subdomains

41
IPs

5
Countries

6736 kB
Transfer

17154 kB
Size

21
Cookies

250 HTTP transactions
12 data transactions