www.wdfxfox34.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rgcbv.com/click?redirect=https://www.wdfxfox34.com/&dID=1666618023517&linkName=https://www.wdfxfox34.com/
Effective URL:
https://www.wdfxfox34.com/
Submission: On October 26 via api (October 26th 2022, 2:41:12 am UTC) from SG — Scanned from DE

Summary HTTP 169 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 34 domains to perform 169 HTTP transactions. The main IP is 2606:4700:4400::6812:27f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wdfxfox34.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on March 2nd 2022. Valid for: a year.

This is the only time www.wdfxfox34.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.230.160.228 3.230.160.228	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:440... 2606:4700:4400::6812:27f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::ac40:94e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::6812:2862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2606:4700:440... 2606:4700:4400::6812:2776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:939e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:6::17d5:a18f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	213.254.244.112 213.254.244.112	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1 2	23.203.81.208 23.203.81.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	18.169.123.253 18.169.123.253	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.110 65.9.66.110	16509 (AMAZON-02) (AMAZON-02)
2	3.9.45.93 3.9.45.93	16509 (AMAZON-02) (AMAZON-02)
169	44

1 3.230.160.228 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-160-228.compute-1.amazonaws.com

rgcbv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:27f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wdfxfox34.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:94e4 (United States)

ASN13335 (CLOUDFLARENET, US)

ngw-static.franklyinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2862 (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ftpcontent6.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:4400::6812:2776 (United States)

ASN13335 (CLOUDFLARENET, US)

wdfx.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stacker.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cntsyncont.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:939e (United States)

ASN13335 (CLOUDFLARENET, US)

content.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:6::17d5:a18f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.112 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Amsterdam, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.81.208 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.123.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-123-253.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-110.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.45.93 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-45-93.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	worldnow.com ftpcontent.worldnow.com — Cisco Umbrella Rank: 144531 ftpcontent6.worldnow.com wdfx.images.worldnow.com content.worldnow.com — Cisco Umbrella Rank: 162670 stacker.images.worldnow.com cntsyncont.images.worldnow.com	2 MB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 ad.doubleclick.net — Cisco Umbrella Rank: 185	158 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147	101 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29898 ad4m.at — Cisco Umbrella Rank: 9937 assets.ad4m.at — Cisco Umbrella Rank: 38774	765 KB
12	franklyinc.com ngw-static.franklyinc.com — Cisco Umbrella Rank: 158251	1 MB
10	wdfxfox34.com www.wdfxfox34.com	144 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 492292	113 KB
4	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28840	313 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668 www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 22707 api.webgains.io — Cisco Umbrella Rank: 64915	31 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	120 KB
3	gstatic.com fonts.gstatic.com	75 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	129 KB
3	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 32977 p.cityspark.com — Cisco Umbrella Rank: 22523	15 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 53183	50 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16153	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 543	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 828 s.tribalfusion.com — Cisco Umbrella Rank: 2234	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 111868 static-de.ad4mat.net — Cisco Umbrella Rank: 149616	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	31 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 82942	517 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094	576 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 777	337 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	351 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13419	556 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	191 B
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 29972	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
1	rgcbv.com 1 redirects rgcbv.com — Cisco Umbrella Rank: 414528	626 B
169	34

	Domain	Requested by
18	wdfx.images.worldnow.com	www.wdfxfox34.com wdfx.images.worldnow.com
16	cntsyncont.images.worldnow.com	www.wdfxfox34.com
12	ngw-static.franklyinc.com	www.wdfxfox34.com ngw-static.franklyinc.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.wdfxfox34.com
10	www.wdfxfox34.com	www.wdfxfox34.com ngw-static.franklyinc.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.wdfxfox34.com e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	ftpcontent.worldnow.com	www.wdfxfox34.com content.worldnow.com
5	cm.g.doubleclick.net	e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	citysparkstorage.blob.core.windows.net	www.wdfxfox34.com
4	stacker.images.worldnow.com	www.wdfxfox34.com
3	www.google.com	securepubads.g.doubleclick.net e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wdfxfox34.com
3	www.googletagservices.com	content.worldnow.com securepubads.g.doubleclick.net e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	content.worldnow.com	wdfx.images.worldnow.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	www.awin1.com	1 redirects as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	cdn.doubleverify.com	securepubads.g.doubleclick.net www.wdfxfox34.com
2	e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	p.cityspark.com	cdn.cityspark.com
2	fonts.googleapis.com	ftpcontent.worldnow.com client
2	www.googletagmanager.com	www.wdfxfox34.com
2	cdnjs.cloudflare.com	www.wdfxfox34.com cdn.cityspark.com
2	maxcdn.bootstrapcdn.com	www.wdfxfox34.com
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	analytics.webgains.io	track.webgains.com
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	1 redirects
1	rtb.openx.net	e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
1	s.tribalfusion.com	www.wdfxfox34.com
1	a.tribalfusion.com	1 redirects
1	prod-rtb.ad4mat.net	www.wdfxfox34.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	csp.azureedge.net	cdn.cityspark.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	imasdk.googleapis.com	content.worldnow.com
1	cdn.cityspark.com	www.wdfxfox34.com
1	code.jquery.com	www.wdfxfox34.com
1	ftpcontent6.worldnow.com	www.wdfxfox34.com
1	rgcbv.com	1 redirects
169	55

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
wdfxfox34.com
portal.cityspark.com
al-ba.com
www.grittv.com
publicfiles.fcc.gov
www.aboutads.info
www.franklymedia.com

Subject Issuer	Validity	Valid
www.wdfxfox34.com Cloudflare Inc RSA CA-2	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.worldnow.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.wdfxfox34.com/
Frame ID: 5BFF0C436213FACEE8B99315B1F9CF61
Requests: 115 HTTP requests in this frame

Frame: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 39370A384BF6CF82B4432B66B8D22C4C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu84v19VnbZX6i1FPVm9RV6Jf8FsRIr18dixA1ogZQYI0lVrVpmqv6KDuUAs796Cfy-P1BGl-EC7TIspjK-EPMelmBsmNczj0ONjcrAd3iWLzbtqJWoE6H8KbZ-rMqFW0hSjcyFcoERkFNYhlzWavq-TZn_PPFEcTT8mZp6GVgwd14fgy0uKWOaezG_Y2Esxx_Hbdd1vxe9gboPHLf0K1kbvioCI7jUk7Epf3l2eEPkM9OACsYkiz7SpiXj043Fd9EkBws9jFk8Yv0Yqykrx3OLpAX90Tf2xiwjZoPGqpX_82e5uS5sDjpvwu_ni_6q_7RiPBf5273RjOGrGcH__ZEXLlKGY9cx1U7viObhluxJC17z&sai=AMfl-YShaH7Qli9UcCNUlMsFjbt2ddxtY5bRjh5B-rMTu5KhFOAdKaHXiRLrzSgLaO-3ZvH_1615iL57ZQESq4R9eJvtsJhhoFWSqQexGUE_t7qMl9eo6VHftulUtJShAxqxMngq9Q&sig=Cg0ArKJSzOMeaAvzS_KlEAE&uach_m=[UACH]&adurl=
Frame ID: A1DDBDCCAF91FABEBF4E5CCF1158A8C4
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 6D1BBE7AED547CFB485E42C3AA26B0AA
Requests: 3 HTTP requests in this frame

Frame: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 768C1226C77A23461BA48A4058214C20
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hdb65cz43x7x4gejw3h5ehhdfsnrkw92fb757b3081j0bvtjj1njn59pcxmjxg5jfymy4m7hctk0scgy3g2w6q6nz5gykssc59t52dh7d7b7m076nkd20bh3fexssgzbjgkdzv30xvr2tjypfa7heary6d3rtyp147nh55wg8a3mg1z6bca8hsp0fhha04wed1nvqg0njbwrj2mb68zyjhpvdpc4w5ajbtbmvkgd7kaj987t0gnt6kr4tdf5fe629y8avdkp45e3atm8eqc81hpvwc2j8c2tjh5m0d1n9h51qe7j166hf7yg94f16ythtgm88pg7j4p4rtm0jweksc3hcz7fp7fwdf0wwk3w3t0d8bt1hf8d6b5w1w25r8cvxpthj4rqvvtc8r710snmp7ncd0bhxcxhvkw36fxkqst4p6hx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%26client%3Dca-pub-6042373951237502%26adurl%3D
Frame ID: 325310E86AB168145CEB39FFEF9082FE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D90F4EB84F8BC9B8638C8C4E2AB6A66
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9F904D80F5E7FCF44F591A4B62E3C9CB
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Frame ID: 9720429DD0597C97D8204A8CF04B1BD7
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67685B4BBC42DC211ABC5DEF05BFA401
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 882CB0169445D5DC9A427B63BD0F5BA4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - WDFX 34 - WDFX - Fox34Arrow LeftArrow Right

Page URL History Show full URLs

https://rgcbv.com/click?redirect=https://www.wdfxfox34.com/&dID=1666618023517&linkName=https:/... HTTP 301
https://www.wdfxfox34.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

169
Requests

96 %
HTTPS

65 %
IPv6

34
Domains

55
Subdomains

44
IPs

5
Countries

5732 kB
Transfer

14341 kB
Size

22
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pg/FOX34WDFX/posts/?ref=page_internal

Search URL Search Domain Scan URL

URL: https://twitter.com/WDFXFox34

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/PAW-PATROL-LIVE/10602229/2022-10-26T18
Title: Wed, Oct 26 @6:00pm SponsoredPAW Patrol Live!Donald L. Tucker Center Tallahassee, FL86.7 mi

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/FAMU-HOMECOMING-HIGH-SCHOOL-BATTLE-OF-THE-BANDS/11032035/2022-10-28T14
Title: Fri, Oct 28 @2:00pm SponsoredFAMU Homecoming High School Battle of the BandsFAMU Jake Gaither Gym Tallahassee, FL85.7 mi

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/THE-PANTERA-EXPERIENCE-A-TRIBUTE-TO-PANTERA/10819290/2022-10-28T20
Title: Fri, Oct 28 @8:00pm SponsoredThe Pantera Experience - A Tribute to PanteraClub LA Destin, FL84.6 mi

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/ONLINE-WINTER-PROGRAM-REGISTRATION/10432143/2022-11-01T00
Title: Tue, Nov 01 Online Winter Program RegistrationDothan, AL

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/BECCA-ANDREWS/10639718/2022-11-07T18
Title: Mon, Nov 07 @6:00pmBecca AndrewsWeeks, AL

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar
Title: See All Events

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/WDFX
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://al-ba.com/wp2/

Search URL Search Domain Scan URL

URL: https://www.grittv.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/f7972926-7d07-3e10-1ef7-01dbf53ad69c/fbb7b2dd-6fe5-4ea2-b1c3-9e1d96dcebb8.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WDFX-TV
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.franklymedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rgcbv.com/click?redirect=https://www.wdfxfox34.com/&dID=1666618023517&linkName=https://www.wdfxfox34.com/ HTTP 301
https://www.wdfxfox34.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPXtViDiWILYW5qmhTQwuq4&google_cver=1&google_push=AZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPXtViDiWILYW5qmhTQwuq4&google_cver=1&google_push=AZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 121

https://ads.travelaudience.com/google_pixel?google_gid=CAESELgz6pD75yZ5f-szOzI5uYE&google_cver=1&google_push=AZmPxg_gqPTIp1-3Z13DCOk_PNRZdEikVF_eKI9kj_IbXY7MXZ3feE8tQiPHGPHiIbWZh-Zb4VfnUftPBxY_uq2lBDMAG9gCN5Eyxg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=P2xlxml-QK6U06Ulfq4scQ2&google_push=AZmPxg_gqPTIp1-3Z13DCOk_PNRZdEikVF_eKI9kj_IbXY7MXZ3feE8tQiPHGPHiIbWZh-Zb4VfnUftPBxY_uq2lBDMAG9gCN5Eyxg

Request Chain 123

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEATMDIO0LC0mnT_E_uCoSlY&google_cver=1&google_push=AZmPxg8HwqBDO0NR3mlUIBQkqtf_wPysfR3T3Lthz-pUvjbTtAhP_eJOUeax6KRSdYUKB2KC0a8nzu5XXbNEAkcthiLVctvvaw2WTw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEATMDIO0LC0mnT_E_uCoSlY&google_cver=1&google_push=AZmPxg8HwqBDO0NR3mlUIBQkqtf_wPysfR3T3Lthz-pUvjbTtAhP_eJOUeax6KRSdYUKB2KC0a8nzu5XXbNEAkcthiLVctvvaw2WTw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lyW95s-bR1-R7NuQvz4EZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8HwqBDO0NR3mlUIBQkqtf_wPysfR3T3Lthz-pUvjbTtAhP_eJOUeax6KRSdYUKB2KC0a8nzu5XXbNEAkcthiLVctvvaw2WTw

Request Chain 124

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDNJNy1wiVCYWmhSErHNTcw&google_cver=1&google_push=AZmPxg-QBwp7YF1SODgDWt9C9uj0DqSTFfUhzvTzpHp00F13RAtgyElxrlrB7hdJpQ50I0rIrUVgszSJIyxeCJJDG5CtJyv22GEtdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-QBwp7YF1SODgDWt9C9uj0DqSTFfUhzvTzpHp00F13RAtgyElxrlrB7hdJpQ50I0rIrUVgszSJIyxeCJJDG5CtJyv22GEtdw

Request Chain 125

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDeUu_3CSWi3UZesegyrSR0&google_cver=1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1666752066842 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-108779ae-d927-4660-a306-e3b709ba8fdb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw%26google_hm%3DAxCHea7ZJ0Zgowbjtwm6j9s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw&google_hm=AxCHea7ZJ0Zgowbjtwm6j9s

Request Chain 138

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CP_ikqfv_PoCFQaddwoduJYB4A;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666752067_a4807fe0-54d7-11ed-9d10-2262c713b6c4

169 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wdfxfox34.com/
Redirect Chain

https://rgcbv.com/click?redirect=https://www.wdfxfox34.com/&dID=1666618023517&linkName=https://www.wdfxfox34.com/
https://www.wdfxfox34.com/

1 MB
131 KB

234ms
144ms

Document
text/html

2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103c62f4ae7e10a5a3cd4a0d307d39254b73e41d63f99794076363de8aba6cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=120
cf-cache-status: HIT
cf-ray: 75ffd4af0e2bbb4a-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 02:41:03 GMT
expires: Wed, 26 Oct 2022 02:43:03 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-response-time: 105ms
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, XMLHttpRequest, x-csrf-token
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Oct 2022 02:41:03 GMT
Location: https://www.wdfxfox34.com/
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.3.15
X-XSS-Protection: 1; mode=block
expires: -1
pragma: no-cache

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 61ms
24ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 20678892
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ffd4b04db69b5b-FRA
cdn-requestpullsuccess: True

GET
H2 200 app-880153a8c78c9ac87b50.css
ngw-static.franklyinc.com/assets/10763/ 306 KB
49 KB 100ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 572A5GENXQFR4J4N
age: 2653
etag: W/"e58a5be0290fe66e326bf427d75c83fe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ffd4b0789f8fd4-FRA
x-amz-id-2: HrhZdW0xvFnyvhu6q1GyiCPuk15P5ZaNDq8XVFTmM5YyZMvd9hmgt3UAim6/2tkvz8w3xVwI/hw=
expires: Thu, 26 Oct 2023 02:41:04 GMT

GET
H2 200 custom-global-breaking-template.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 6 KB
2 KB 194ms
127ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 13:40:44 GMT
server: cloudflare
x-amz-request-id: 4PRKD2KRDC45M7R2
etag: W/"4b357b45b8d5b6f57aefc58b78723684"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ffd4b07e6a9bfa-FRA
x-amz-id-2: XUxX7mfJIzaym+hW1DIFoiBqQ3n7kWIDW6t7YSN68jbrfYWyVpcTKACPoX2snBUwUkmvfEJD+lk=
expires: Wed, 26 Oct 2022 02:46:04 GMT

GET
H2 200 logo.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 3 KB
1 KB 196ms
129ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 19:27:28 GMT
server: cloudflare
x-amz-request-id: 6CG8YAW8Z3RGTRPH
etag: W/"498e7c8c50bbb38d5b281f7ad6edd08c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ffd4b07e6d9bfa-FRA
x-amz-id-2: ne+NamAKtiWfPNjsf0ocBPAhr0crVTmvlJ/yA8d4qa1JWj7hUglTr0SrxCUf1v3gy85KNZxpOHY=
expires: Wed, 26 Oct 2022 02:46:04 GMT

GET
H2 403 Derrick.css
ftpcontent6.worldnow.com/wrde/ 0
0 88ms
22ms Stylesheet
text/html 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 wrde_ngw.css
ftpcontent.worldnow.com/professionalservices/clients/wrde/ 5 KB
2 KB 195ms
128ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jul 2020 14:00:46 GMT
server: cloudflare
x-amz-request-id: 20GX1W25DSAXWHVW
etag: W/"8d5d25c637f71dec04c5a416682b6a1a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ffd4b07e709bfa-FRA
x-amz-id-2: TMe3azvAi0miq/k9lWxz3bydyMFHsmlQQNz3HOXpMVUAwMUE6pfy3n4yoY3fPCA/QA/MUj0qdTg=
expires: Wed, 26 Oct 2022 02:46:04 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 79ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1666752064.dop216.fr8.t,1666752064.cds289.fr8.hn,1666752064.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
11 KB 57ms
23ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 20687141
cdn-cachedat: 11/05/2021 16:36:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bfa40aed2fbee600eecd4f43bc8c0656
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ffd4b04db99b5b-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 13 KB
5 KB 57ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1359619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4430
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-349a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ffd4b37825bb5c-FRA
expires: Mon, 16 Oct 2023 02:41:04 GMT

GET
H2 200 WNVideo.js Show response
wdfx.images.worldnow.com/interface/js/ 2 KB
1 KB 102ms
35ms Script
application/javascript 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb22a1425e3813bc31425e0c35233761a4e4609ce50812465f9c648d6f3479f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jan 2020 11:53:35 GMT
server: cloudflare
age: 3120
x-amz-request-id: P5ACE7PXEP2VQH6Y
etag: W/"ad5fa8e94463d51b6adbef55fecaa3b6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ffd4b07d3d5b3e-FRA
x-amz-id-2: Vb3tENvEZ8kB4MfutLasqYDQbq6xrKKB9cEJUlYyGj4J0g/az+WSc7RHXaPfnKMESpMK5+gbmsQ=
expires: Wed, 26 Oct 2022 06:41:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 79ms
41ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6YXLQLNYFR

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19fbc4dd2faa74407bfca29c7e959b650114ff63916b6555c24e69de2c216a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 02:41:04 GMT

GET
H2 200 19303465_G.png
wdfx.images.worldnow.com/images/ 302 B
717 B 31ms
31ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19303465_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 302
cf-resized: internal=ok/h q=0 n=8 c=0+1 v=2022.10.4 l=302
last-modified: Wed, 01 Apr 2020 19:25:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfp7hMN4aiiSKLZeB-69yJiw:914cc4da7fcd377c33ea25b5d22256d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b45fe15b3e-FRA

GET
H2 200 19303466_G.png
wdfx.images.worldnow.com/images/ 440 B
627 B 30ms
29ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19303466_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dda2cb47317201eb228289f1316b7aa3803e8441a2a1d1d0374e4d52ebe642

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 440
cf-resized: internal=ok/h q=0 n=69 c=1 v=2022.8.4 l=440
last-modified: Wed, 01 Apr 2020 19:25:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfw2P9D8zcXmaRwGgcm81xQg:6b506c56c835fb7d44338ddb2db1e652"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b488095b3e-FRA

GET
H2 200 19303471_G.png
wdfx.images.worldnow.com/images/ 6 KB
6 KB 30ms
30ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19303471_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5742
cf-resized: internal=ok/h q=0 n=22 c=0+14 v=2022.10.4 l=5742
last-modified: Wed, 01 Apr 2020 19:26:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfaiuYFiHrhkB34bDCHYYu_w:ede722c2a1893f8f3917828a7cbcd94a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b4b82d5b3e-FRA

GET
H2 200 email-decode.min.js Show response
www.wdfxfox34.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 19ms
18ms Script
application/javascript 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75ffd4b148f5bb4a-FRA
expires: Fri, 28 Oct 2022 02:41:04 GMT

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 145ms
23ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC27) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 356313
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (amc/BC27)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 25fcdf5c-701e-00d7-3ea6-e5a938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 20038183_G.png
wdfx.images.worldnow.com/images/ 163 KB
163 KB 30ms
29ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/20038183_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71503843ed1c9eb5a6c2cfb90eec64b87ac04228e9c064870f50135c0e3af3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 166497
cf-resized: internal=ok/h q=0 n=39 c=27 v=2022.7.2 l=166497
last-modified: Thu, 05 Nov 2020 15:50:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfTp1bMqtzkV7HACkE_nRmKA:39055eba2436f8ac8bf3925c708733d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "Format 'auto' ignored"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b528885b3e-FRA

GET
H2 200 app-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 4 MB
1 MB 64ms
64ms Script
application/javascript 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: NPNVAF57W19CE3VX
age: 2902
etag: W/"44626e575a5558bfc9f91d067b4272e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ffd4b149398fd4-FRA
x-amz-id-2: GPmy52xBLNc09P/6QbqKKS2mRr6A2rcouTt7G1KG3JA7JA1+8M/8Nc3Y75GNljI3puO9JxKi+i4=
expires: Thu, 26 Oct 2023 02:41:04 GMT

GET
H2 200 ccpa.js Show response
ftpcontent.worldnow.com/professionalservices/globalcss/ 1 KB
733 B 142ms
141ms Script
application/javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 18:52:15 GMT
server: cloudflare
x-amz-request-id: 2XMHPSMXS0PP7X9N
etag: W/"0ee412381eea4aba59e8a80ef1b33cb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75ffd4b1bfe89bfa-FRA
x-amz-id-2: /cI1fFpx/yFAwa7eZo2eFqdFyTHRopv7GgL5MScxNaol4/DwftTB5KSwyK0anr262GLNv7jVicY=
expires: Wed, 26 Oct 2022 02:46:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 65ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ftpcontent.worldnow.com
URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ftpcontent.worldnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:19:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 02:41:04 GMT

GET
H2 200 off-platform.min.css
content.worldnow.com/global/css/_pub/ 89 KB
27 KB 94ms
29ms Stylesheet
text/css 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM02
server: cloudflare
age: 48852
etag: "0297a4baad2d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b22cba9b2e-FRA
content-length: 27881
expires: Wed, 26 Oct 2022 06:41:04 GMT

GET
H2 200 wdfx.config.js Show response
content.worldnow.com/global/js/_pub/ 12 KB
4 KB 543ms
478ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/wdfx.config.js?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 16:12:54 GMT
wn: IISCOM01
server: cloudflare
age: 48895
etag: W/"0c7fc894caad71:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ffd4b23cbb9b2e-FRA
expires: Wed, 26 Oct 2022 06:41:04 GMT

GET
H2 200 wnaffiliateconfig.js Show response
wdfx.images.worldnow.com/interface/js/ 40 KB
7 KB 33ms
33ms Script
application/x-javascript 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wdfx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6515fe299b835ae987c38bb0f26fc4ba8bd38d9d444c6a6aeb5fc4ee534277

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 14:33:09 GMT
server: cloudflare
age: 3119
x-amz-request-id: RJQYFSGN31BWNCVY
etag: W/"82afd4edf0f75a64b1c430daf55c6bb6"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ffd4b1ce375b3e-FRA
x-amz-id-2: CCg6wi62sMUrQg0uHWwVfsQfiw3W7UrxtK4bQt8m72jD2mt0CDmpdgLpactaSSV7UESNxa0z3nQ=
expires: Wed, 26 Oct 2022 06:41:04 GMT

GET
H2 200 off-platform.min.js Show response
content.worldnow.com/global/js/_pub/ 2 MB
474 KB 117ms
53ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM01
server: cloudflare
age: 48787
etag: W/"0297a4baad2d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ffd4b23cbc9b2e-FRA
expires: Wed, 26 Oct 2022 06:41:04 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 87ms
24ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 02:41:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6f5cdf1e20839f80503a6c013c0b6734cfebdee578d9c43364d061d90c61a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53810
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 02:41:04 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10763/ 75 KB
76 KB 160ms
124ms Font
font/woff2 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/2iO5YNY.woff2
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
x-amz-request-id: 0GFCR48WFNCNDY1G
content-length: 77160
x-amz-id-2: fWkOT92sAgw1219hIW7F1WwntLZBIc3DT7MISws/xUdTDTulJ3t/rqNWnvlYOd0MI0n3YkO7E3k=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4b5ec119960-FRA
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 55ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 122172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 58ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 20226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 70ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6YXLQLNYFR&gtm=2oeao0&_p=1523510105&cid=80601208.1666752065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666752064&sct=1&seg=0&dl=https%3A%2F%2Fwww.wdfxfox34.com%2F&dt=WDFX%20-%20Fox34&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6YXLQLNYFR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3A8MZF4.png
ngw-static.franklyinc.com/assets/10763/ 145 B
395 B 126ms
125ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3A8MZF4.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
x-amz-request-id: SMJSVR4RNS8H0Y5Z
etag: "3a5fb08143e931aded1e59fa39c3d8ca"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4b5ecf88fd4-FRA
content-length: 145
x-amz-id-2: nrdiUQKjiI/m6xgi0byjhFERBUFz8hdDNT0b8VQQj7DR3ud5hupF59nW8tOmoAgFOJEpQRd0ppc=
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 3sX1XaI.png
ngw-static.franklyinc.com/assets/10763/ 302 B
470 B 132ms
132ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3sX1XaI.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: R4JDPCZXWVXDBH2J
etag: "21eed4c20a1e748a1637cf53696520c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4b5ecf98fd4-FRA
content-length: 302
x-amz-id-2: fNVydcV3/QiFaSlRIOFLbeuH5UJk70jw/0hixrIXrwv7wj1h2GJd//44h/KA/TCcKlXlBcqD5gU=
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 4-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 145 B
319 B 24ms
24ms Script
application/javascript 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/4-a708c222c663fd6ca8a3.js
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 50QH734K8WNYMG2S
age: 726
etag: W/"c0729cee8a75fb948963d73ab873a79b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ffd4b73dff8fd4-FRA
x-amz-id-2: 594sZ4csYZJPlSdspYN5J1jTUuLMsSqP4U4OSxLnkzYqy7Yxxc8wxRRlR4+RqZ2/tUk+FuFoFTY=
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 62ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c6dce761e72309f05b20d64d404ca9798d126f01de528969d0b37f546bcd319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
server: sffe
etag: "1374 / 714 of 1000 / last-modified: 1666747876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 02:41:05 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 17 KB
7 KB 746ms
169ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9922&callback=jsonp1666752391929
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6b80524fa24b41bc3797a9acd42ec11382b48e8a62027e525264fcb3e9bc3cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:41:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 videojs.ima.1.5.1-3.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 85 KB
17 KB 133ms
133ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: 3BQKNHY0FZPGEWC5
etag: W/"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ffd4b7cf599bfa-FRA
x-amz-id-2: 2xmw7PNaPH+9A0Twms3LWFkTq24yfvp5jaw9Y8Pv7N4fwJWUY8hP8fQA2jpZsyudPOhjZkmw9QU=
expires: Wed, 26 Oct 2022 02:46:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5111
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 03:15:54 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[0],/ 1 KB
970 B 147ms
147ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b2803d3980b56c1a1868f7f1374850f2b6a2f9c514c6eed8dbc8b4b0200111c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 777
x-xss-protection: 1; mode=block
x-response-time: 275ms
server: cloudflare
etag: W/"5a8-S6KcVAFZ3h6X5iV86QivH+qSexQ"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4b95960bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:05 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[1],/ 1 KB
876 B 151ms
150ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[1],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b467191c78e7168dc4d9a184f2b017c326ea508f423dfa5911fa3077c7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 773
x-xss-protection: 1; mode=block
x-response-time: 186ms
server: cloudflare
etag: W/"5a6-/pD4990Da7DLeluEPcC4LcVoBQM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4b95964bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:05 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/routes[1].body[1].cols[1].components[0],/ 57 KB
7 KB 136ms
136ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/routes[1].body[1].cols[1].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7970a4481293947b1bb212efd465130bfa8422c56ed3a47e73cf6d54914462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 7196
x-xss-protection: 1; mode=block
x-response-time: 1145ms
server: cloudflare
etag: W/"e3c4-OaCpQEBE44/BvK3xF7aK1B51nS4"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4b98997bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:05 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/ 874 B
577 B 134ms
133ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12224defb844e6472916edb34677dc2f74755df440eed5711b33a0d0b40190ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 475
x-xss-protection: 1; mode=block
x-response-time: 99ms
server: cloudflare
etag: W/"36a-ay2jt4L3+BLvpmqcUXQic4yly0Q"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4b999aebb4a-FRA
expires: Wed, 26 Oct 2022 02:44:05 GMT

GET
H2 200 19300323_G.jpg
wdfx.images.worldnow.com/images/ 9 KB
10 KB 33ms
31ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19300323_G.jpg?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bc96bdb42eea0c082bdd8871ba75cc9ce6f0c26c866ad5ff87e6de7f73b9a33

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9557
cf-resized: internal=ok/h q=0 n=14 c=2+25 v=2022.10.4 l=9557
last-modified: Tue, 31 Mar 2020 17:34:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfTcyAn293TiniA6BJxYglFQ:884ebd6db98184bc59eccf43f0d28cb4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9bbe95b3e-FRA

GET
H2 200 19476095_G.png
wdfx.images.worldnow.com/images/ 547 KB
548 KB 37ms
35ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476095_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ca934dc5cc18f06d110f6f7a82671a6a4c4654cddb6d12e6d3b6c8aeb4b244

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 560549
cf-resized: internal=ok/h q=0 n=21 c=191 v=2022.8.1 l=560549
last-modified: Mon, 08 Jun 2020 15:04:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfNL-jGBIuYF9CbJKI0pFQ9g:f9eff51d0deb5b205d0daccb71009286"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9bbea5b3e-FRA

GET
H2 200 23544118_G.jpg
stacker.images.worldnow.com/images/ 5 KB
5 KB 77ms
41ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23544118_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666638602000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 4757
cf-resized: internal=ok/m q=0 n=89 c=3+15 v=2022.10.4 l=4757
last-modified: Mon, 24 Oct 2022 23:10:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0cukACYdowFpMf7eFJKr2w:cbdc4aa9bf6c123a6f765b53e3b21bf4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9ec185b3e-FRA

GET
H2 200 23535717_G.png
stacker.images.worldnow.com/images/ 16 KB
16 KB 68ms
33ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23535717_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666366693000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16557
cf-resized: internal=ok/h q=0 n=41 c=68+86 v=2022.10.4 l=16557
last-modified: Fri, 21 Oct 2022 19:38:14 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfSrOfD8OJYofZplFf9qNJog:93fa08b38e1552714c8aceab6fb55489"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9ec175b3e-FRA

GET
H2 200 23544648_G.png
cntsyncont.images.worldnow.com/images/ 17 KB
17 KB 61ms
39ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23544648_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666665299000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17435
cf-resized: internal=ok/r q=0 n=58 c=9+37 v=2022.10.4 l=17435
last-modified: Tue, 25 Oct 2022 06:35:01 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfmlSA0QMXQQ-5qNtfkg2BPw:c6d3858b98ebb0ee4ac9425ba2679d78"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9dc065b3e-FRA

GET
H2 200 23542395_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
7 KB 63ms
40ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23542395_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666607710000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6643
cf-resized: internal=ok/h q=0 n=14 c=8+33 v=2022.10.4 l=6643
last-modified: Mon, 24 Oct 2022 14:35:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfEknHVv2yFvHvZ81xMXuaHg:81c46f16217054073f3a98e771975693"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9dc085b3e-FRA

GET
H2 200 23536586_G.jpg
cntsyncont.images.worldnow.com/images/ 5 KB
5 KB 59ms
37ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536586_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398869000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5303
cf-resized: internal=ok/h q=0 n=7 c=8+16 v=2022.10.4 l=5303
last-modified: Sat, 22 Oct 2022 04:34:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2LFFhWyHgJ5snIxwnE3UbA:7ac48e8abecaa038cf18299156ee229f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9dc075b3e-FRA

GET
H2 200 23523184_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 66ms
44ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523184_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222385000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5835
cf-resized: internal=ok/h q=0 n=24 c=8+14 v=2022.10.4 l=5835
last-modified: Thu, 20 Oct 2022 03:33:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ9BPHPHgNrAsWnWX4LWOng:b2c2c149e547d11af91a460af1bf2d50"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9dc095b3e-FRA

GET
H2 200 19313812_G.jpg
wdfx.images.worldnow.com/images/ 14 KB
15 KB 33ms
32ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19313812_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc14d01a44646f6ba79e34ed0359b38d4a584055261f6327b052859b17927e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 14680
cf-resized: internal=ok/h q=0 n=10 c=24 v=2022.9.4 l=14680
last-modified: Mon, 06 Apr 2020 17:48:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfvnPtSXI6v5LbOr-SS83Eag:4e533162d09d557a69071f9f7722475c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9bbeb5b3e-FRA

GET
H2 200 19313808_G.jpg
wdfx.images.worldnow.com/images/ 10 KB
10 KB 32ms
32ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19313808_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10183
cf-resized: internal=ok/h q=0 n=42 c=0+24 v=2022.10.4 l=10183
last-modified: Mon, 06 Apr 2020 17:47:16 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrDd2ro2RhurCnyR-_XbD1w:e9d429ee90f3d05de4962461e425af56"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4b9bbed5b3e-FRA

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 17 KB
7 KB 412ms
177ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9922&callback=jsonp1666752673012
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b1b3b7297ec8378a0ec3931fdb5e525c793442a3cdd15ee518064404828b0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:41:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 68ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 21:04:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
718 B 78ms
28ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wdfxfox34.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b08ea0691a25a239e5db2b23367126dda0520d177e3209616e540fc01f5b10b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 26 Oct 2022 02:41:05 GMT

GET
H2 200 can-autoplay.3.0.0-1.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 8 KB
2 KB 125ms
124ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: FB0H2PH7309S8JR4
etag: W/"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ffd4b9ea0e9bfa-FRA
x-amz-id-2: B8RpHVnMYWc8iqHCtbEqkYpYcZgBkDfPyfG7UH+4UlUKEVmkU8dk/w2Je5vGn3tsBXtmflG6ZWE=
expires: Wed, 26 Oct 2022 02:46:05 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 53ms
16ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 02:43:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 90ms
29ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82494642-222&cid=80601208.1666752065&jid=1815093166&gjid=1719819087&_gid=667042105.1666752066&_u=aChAgUAjAAAAAEACM~&z=226099727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 02:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1523510105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wdfxfox34.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WDFX%2034%20-%20WDFX%20-%20Fox34&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAAAAAACM~&jid=1815093166&gjid=1719819087&cid=80601208.1666752065&tid=UA-82494642-222&_gid=667042105.1666752066&gtm=2wgao0WV2QLD&cg1=Homepage&cg2=null&cg3=null&cg4=wdfx&cd1=Lockwood%20Broadcast%20Group&cd2=GTM-WV2QLD&cd3=59&cd4=&cd5=&cd7=1666752065242&cd8=1666752065242.ubcchatq&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&cd11=1419&cd12=wdfx&cd13=173&cd22=Homepage&cd32=ResponsiveWeb&z=1126819848

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 21:09:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19880
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 47_scatteredthunderstorms_night.png
ngw-static.franklyinc.com/assets/static/ 3 KB
3 KB 160ms
159ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/47_scatteredthunderstorms_night.png
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c862d08f95204cbf4f38d727a8d1b28d6eca292e49602d23493a3d119a0ef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 16:12:37 GMT
server: cloudflare
x-amz-request-id: ZZFBQJYEJVBENM86
etag: "ff2fb672b10367fcb4c34626c132908a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4ba88498fd4-FRA
content-length: 2894
x-amz-id-2: 31jn6Z3jNXtDB+CExZUpVa/UJpGP9j/3RjQ5k+yMXeBWHMvlhLlxo/nieeLUM1tSVlraM1zj0qQ=
expires: Wed, 26 Oct 2022 06:41:05 GMT

GET
H2 200 1HxTVSN.png
ngw-static.franklyinc.com/assets/10763/ 262 B
456 B 129ms
128ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/1HxTVSN.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:06 GMT
server: cloudflare
x-amz-request-id: 5H3C42FJ7B67KJ6S
etag: "b3275baf43d3a9e28ba8e1856b5b342e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4ba884d8fd4-FRA
content-length: 262
x-amz-id-2: RAu3cGvazSuqPlERVlGJsvxzzGQXHsGCEyRrSn0nvvqjle0mhNzILekE+LFodM2ETRLVdptTkkw=
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 qX7G0Ix.png
ngw-static.franklyinc.com/assets/10763/ 267 B
535 B 424ms
423ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/qX7G0Ix.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: 5H3F5YE4ZMKDFYJX
etag: "7c93283255679646ceb48b0a09e528ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4ba88508fd4-FRA
content-length: 267
x-amz-id-2: EizK6kXcnV0q4QzB8LAh2R/VU+zlvtWe2LMX3A/bnJ3jwHMopQJFz6g42NqrGGwDD8zA8VNSpiY=
expires: Thu, 26 Oct 2023 02:41:06 GMT

GET
H2 200 ENmisP2.png
ngw-static.franklyinc.com/assets/10763/ 262 B
429 B 131ms
130ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/ENmisP2.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 5H37Y6HM7RTNJQ11
etag: "2181a1a027aad6f2c0a77442ffe37662"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4ba88528fd4-FRA
content-length: 262
x-amz-id-2: 3FJXyJR8yD7pZPTsXLUaQRtkdCC+zDGM0DENzIjne3CcFn2EJDGR1zRF+Eoyht3iSP8UJDuuhY8=
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 2LRxrU9.png
ngw-static.franklyinc.com/assets/10763/ 267 B
462 B 146ms
145ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/2LRxrU9.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:07 GMT
server: cloudflare
x-amz-request-id: 5H3DKST0ZEGFDZ49
etag: "3539134c74c2fa207b851387b14bf8db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ffd4ba88548fd4-FRA
content-length: 267
x-amz-id-2: ERELp7EeGCnntwEtGGe7GE2l8WDnn9pxoVa44Ayy38vEKBRZQMVznJkspUHYeHceVAPhZDl3PyQ=
expires: Thu, 26 Oct 2023 02:41:05 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 874 B
543 B 148ms
148ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36301

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12224defb844e6472916edb34677dc2f74755df440eed5711b33a0d0b40190ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 475
x-xss-protection: 1; mode=block
x-response-time: 32ms
server: cloudflare
etag: W/"36a-ay2jt4L3+BLvpmqcUXQic4yly0Q"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4ba9aa4bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:05 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 843 B
562 B 167ms
167ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36319

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e569af46a2fba96d9faa4b158b60d2ede18a5f3d563ff967abc1ae1b761b9d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 458
x-xss-protection: 1; mode=block
x-response-time: 1017ms
server: cloudflare
etag: W/"34b-xT7ZVpxSdyHI+JfN8umJEKyc0es"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4ba9aa6bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
26ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 69ms
24ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 96ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=377537433236964&vrg=2022102001&nw_id=43459271%5C%2C22676109897&nslots=5&eid=31068498%2C31070232&pub_url=https%3A%2F%2Fwww.wdfxfox34.com%2F&sig=0&req=0&req_cnt=5&dm=8

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 753 B
436 B 281ms
249ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=377537433236964&correlator=396364673266460&eid=31068498%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=3927854720&sfv=1-0-38&prev_scp=wnsz%3D124&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666752065732&lmt=1666752065&dlt=1666752063988&idt=1704&adxs=1382&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=80601208.1666752065&ga_sid=1666752066&ga_hid=1523510105&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

512cf51c32f167aa9353d32c3d926ac902b31f815af8b0403c0c0db099440ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 406
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
364 B 670ms
638ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=377537433236964&correlator=396364673266460&eid=31068498%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=4175600188&sfv=1-0-38&prev_scp=wnsz%3D41&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666752065740&lmt=1666752065&dlt=1666752063988&idt=1704&adxs=84&adys=175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=1432x0&msz=1432x0&fws=0&ohw=0&ga_vid=80601208.1666752065&ga_sid=1666752066&ga_hid=1523510105&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

866adc7f11d568a8986a97983445c4f9a2dba2411a30c3eab52d8b2ae966f44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 480ms
449ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=377537433236964&correlator=396364673266460&eid=31068498%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&adks=2107240&sfv=1-0-38&prev_scp=wnsz%3D246&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666752065743&lmt=1666752065&dlt=1666752063988&idt=1704&adxs=84&adys=876&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=1072x20&msz=1072x0&fws=0&ohw=0&ga_vid=80601208.1666752065&ga_sid=1666752066&ga_hid=1523510105&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b73919ece16c4bb75efbec4adebd5d799c0dfd9d0c3ca787509a31aa18f93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13450
x-xss-protection: 0
google-lineitem-id: 6084843041
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138401092306
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 641 B
365 B 1105ms
1074ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=377537433236964&correlator=396364673266460&eid=31068498%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=3589786638&sfv=1-0-38&prev_scp=wnsz%3D43&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666752065745&lmt=1666752065&dlt=1666752063988&idt=1704&adxs=1164&adys=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=80601208.1666752065&ga_sid=1666752066&ga_hid=1523510105&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c7e1d3e86394ff119878d2c1f69f58daa963d54c8db71098834b57469fbddf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
362 B 841ms
810ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=377537433236964&correlator=396364673266460&eid=31068498%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=5&adks=1261434510&sfv=1-0-38&prev_scp=wnsz%3D346&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666752065747&lmt=1666752065&dlt=1666752063988&idt=1704&adxs=84&adys=2176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=1072x0&msz=1072x0&fws=0&ohw=0&ga_vid=80601208.1666752065&ga_sid=1666752066&ga_hid=1523510105&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69e684f1cedb10bebcb5e0b5a85b7b16f1d4218137c17789954cc73564366e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3937 6 KB
4 KB 102ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 02:41:05 GMT
expires: Thu, 26 Oct 2023 02:41:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 19739256_G.jpg
wdfx.images.worldnow.com/images/ 6 KB
6 KB 51ms
45ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19739256_G.jpg?auto=webp&disable=upscale&width=180

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94ddde4f3df41ef02b08a889bb56fd90ad9470435159cc27f1bb9a1adf1017c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6285
cf-resized: internal=ok/h q=0 n=15 c=1+16 v=2022.10.4 l=6285
last-modified: Mon, 20 Jul 2020 13:50:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfH-eHryLCArNM31lKswJakw:51a3d245ae6d82ebe13e6ac028cab53a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d705b3e-FRA

GET
H2 200 23538527_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 62ms
56ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538527_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492378000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7925
cf-resized: internal=ok/r q=0 n=49 c=4+16 v=2022.10.4 l=7925
last-modified: Sun, 23 Oct 2022 06:32:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ_UGDutcYHj9sD2OctrBFQ:3735f9c74f0aa70c7cc6eecd73299060"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d735b3e-FRA

GET
H2 200 23536579_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 46ms
40ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536579_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398803000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8261
cf-resized: internal=ok/h q=0 n=57 c=33+29 v=2022.10.4 l=8261
last-modified: Sat, 22 Oct 2022 04:33:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1ABno7LG6Qr_JeP26kPOFw:7a1752c7bd1d57fe09ae93db6b958529"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d745b3e-FRA

GET
H2 200 23522285_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 42ms
37ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522285_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666195627000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16690
cf-resized: internal=ok/h q=0 n=27 c=7+42 v=2022.10.4 l=16690
last-modified: Wed, 19 Oct 2022 20:07:09 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfqnnKfSXPbaZ3ZNp7zJULGA:10c7a9722e59986b3c276aaf52070a55"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d755b3e-FRA

GET
H2 200 23538528_G.jpg
cntsyncont.images.worldnow.com/images/ 2 KB
3 KB 47ms
42ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538528_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492479000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2422
cf-resized: internal=ok/h q=0 n=4 c=3+8 v=2022.10.4 l=2422
last-modified: Sun, 23 Oct 2022 06:34:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfhuu5o20oBRXMGmz2WAkL-Q:0f70a64a63b9f9177817f1ac952ae41e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d765b3e-FRA

GET
H2 200 23536594_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 36ms
32ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536594_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398935000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c659dfc9a1b814dc3c5c6c4e7781dec352352f0975800f90c552b7bfbe27af

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6103
cf-resized: internal=ok/r q=0 n=30 c=8+18 v=2022.10.4 l=6103
last-modified: Sat, 22 Oct 2022 04:35:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfiB-GuHXL9CXS0USVHkd9YQ:77515ca2f29148e5da523ea11b21a182"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d775b3e-FRA

GET
H2 200 23532046_G.jpg
cntsyncont.images.worldnow.com/images/ 3 KB
3 KB 33ms
30ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23532046_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666316082000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3048149bb0d5ab4b5d709224e0216b715c7d0317a403a673408a915fde997477

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2660
cf-resized: internal=ok/m q=0 n=61 c=6+17 v=2022.10.4 l=2660
last-modified: Fri, 21 Oct 2022 05:34:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfGx_SC8zhNGR35smOV1LJIA:4644518b4a1da2f4d77a0d12837cb6cf"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d795b3e-FRA

GET
H2 200 23523191_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 38ms
34ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523191_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222445000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca6d74cad633ecfab918aeba895c4ec22de204c136ddc7d9779d1a57ccd3b8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5907
cf-resized: internal=ok/r q=0 n=39 c=1+12 v=2022.10.4 l=5907
last-modified: Thu, 20 Oct 2022 03:34:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfBW8wOlwF1T2WIOweUHM6iQ:e08da9c6d30955ea6f2bd9ce63d7ecb6"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc0d7a5b3e-FRA

GET
H2 200 23499493_G.jpg
cntsyncont.images.worldnow.com/images/ 9 KB
9 KB 50ms
31ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23499493_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665797531000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9362
cf-resized: internal=ok/r q=0 n=56 c=10+17 v=2022.10.4 l=9362
last-modified: Sat, 15 Oct 2022 05:32:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfprW84uaruG_N6C6EyJ11_A:cdaf8cf9639796b81112c0342c38b503"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc5dad5b3e-FRA

GET
H2 200 23498073_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 33ms
29ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23498073_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665747135000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:05 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7340
cf-resized: internal=ok/h q=0 n=32 c=17+22 v=2022.10.4 l=7340
last-modified: Fri, 14 Oct 2022 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSoNXPw48_6-id_E4wAAVAg:1e1f8085f5e6f7827db91f1eaa0453f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bc5daf5b3e-FRA

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 206ms
30ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
938 B 50ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3135522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ffd4bc9e8b693d-FRA
expires: Mon, 16 Oct 2023 02:41:06 GMT

GET
H2 200 23485935_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 36ms
34ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23485935_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665624698000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8024
cf-resized: internal=ok/r q=0 n=17 c=19+22 v=2022.10.3 l=8024
last-modified: Thu, 13 Oct 2022 05:31:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkJbhmwlGYa8rFfywoAQS3A:d4a1bf597d0d1fc965c42753151f335c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bcee1b5b3e-FRA

GET
H2 200 23477333_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 32ms
30ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477333_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509457000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6885
cf-resized: internal=ok/h q=0 n=21 c=7+18 v=2022.10.4 l=6885
last-modified: Tue, 11 Oct 2022 21:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfsBOyQENXpj7YsNb7nr2T6Q:055cf492e00f3b5a5ef8e21cee83618d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4bcee1d5b3e-FRA

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 59ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:16:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 02:41:06 GMT

GET
H/1.1 200
OK G6XoX46Pz02aWQQ7HIDAfg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 41 KB
42 KB 718ms
171ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/G6XoX46Pz02aWQQ7HIDAfg.medium.jpg
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0558b0023c1c4ef9ad3c1948f9cf1c889992b6038dc9dd482b75caad94339ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 02:41:06 GMT
Last-Modified: Fri, 02 Jul 2021 01:09:51 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: RN+R/d0ApyTnvQzWUD2oQg==
ETag: 0x8D93CF6180F7A8F
Content-Type: application/octet-stream
x-ms-request-id: 627b80a0-201e-0061-26e4-e81ef2000000
x-ms-version: 2009-09-19
Content-Length: 42081

GET
H/1.1 200
OK 586d643d-55b6-4ba2-a548-b9a45fead3b9.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 34 KB
35 KB 721ms
172ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/586d643d-55b6-4ba2-a548-b9a45fead3b9.medium.png
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fe8437cd5a7ada22f5a5991fd0747060211bd514e36f6d41820a68c90c57c633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 02:41:06 GMT
Last-Modified: Sun, 20 Nov 2016 14:00:43 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: AdUghhWaScvgUA0ClW5O/A==
ETag: 0x8D4114D9E887B4C
Content-Type: image/png
x-ms-request-id: 289d5efb-901e-0006-4de4-e80e0e000000
x-ms-version: 2009-09-19
Content-Length: 35301

GET
H/1.1 200
OK CKs1Ze673kaCA84Zzv-_WA.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 209 KB
210 KB 723ms
173ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/CKs1Ze673kaCA84Zzv-_WA.medium.png
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 57a62640952523260df08a98c8d7f794e2e9cb17d6d81f4a10cf3958237b628e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 02:41:06 GMT
Last-Modified: Fri, 02 Sep 2022 07:12:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: i8csDHyRslEC5Umo4ZED7Q==
ETag: 0x8DA8CB27070DBC5
Content-Type: application/octet-stream
x-ms-request-id: 2b885b29-e01e-000c-4ae4-e8aab9000000
x-ms-version: 2009-09-19
Content-Length: 214406

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK k2SWYB2frU-kRXzW6U27tw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 26 KB
27 KB 734ms
176ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/k2SWYB2frU-kRXzW6U27tw.medium.jpg
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 673a628d04deb21b0ab7a9b2b87765a64766c897979cc1b3c89c8961c9d7db11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 02:41:06 GMT
Last-Modified: Tue, 26 Jul 2022 23:24:19 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: X4CNMuXJrQJVdtvIglrOOA==
ETag: 0x8DA6F5DF769688A
Content-Type: application/octet-stream
x-ms-request-id: d26c0990-901e-0064-43e4-e8cc29000000
x-ms-version: 2009-09-19
Content-Length: 26759

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 70ms
27ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 70ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 285ms
285ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=377537433236964&correlator=1731114355286673&eid=31068498%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cnat-external%2Ceviesays%2Cfrankly%2Cwdfx&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=6&adks=358730519&sfv=1-0-38&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie=ID%3De6bab9e0215f82eb-225a3e3b57ce0007%3AT%3D1666752065%3AS%3DALNI_MZSL6vRVcd0j88p6zjGon6E4gCPzA&gpic=UID%3D00000b78716687f8%3AT%3D1666752065%3ART%3D1666752065%3AS%3DALNI_MZFa6bOfLKHFp-WKGeKHeGzEuCsmw&abxe=1&dt=1666752066273&lmt=1666752066&dlt=1666752063988&idt=1704&adxs=1190&adys=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=80601208.1666752065&ga_sid=1666752066&ga_hid=1523510105&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b564d050cbe98c80ef626b3deb03c4960f8928d2ee11163cd0a012986166681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1DD 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu84v19VnbZX6i1FPVm9RV6Jf8FsRIr18dixA1ogZQYI0lVrVpmqv6KDuUAs796Cfy-P1BGl-EC7TIspjK-EPMelmBsmNczj0ONjcrAd3iWLzbtqJWoE6H8KbZ-rMqFW0hSjcyFcoERkFNYhlzWavq-TZn_PPFEcTT8mZp6GVgwd14fgy0uKWOaezG_Y2Esxx_Hbdd1vxe9gboPHLf0K1kbvioCI7jUk7Epf3l2eEPkM9OACsYkiz7SpiXj043Fd9EkBws9jFk8Yv0Yqykrx3OLpAX90Tf2xiwjZoPGqpX_82e5uS5sDjpvwu_ni_6q_7RiPBf5273RjOGrGcH__ZEXLlKGY9cx1U7viObhluxJC17z&sai=AMfl-YShaH7Qli9UcCNUlMsFjbt2ddxtY5bRjh5B-rMTu5KhFOAdKaHXiRLrzSgLaO-3ZvH_1615iL57ZQESq4R9eJvtsJhhoFWSqQexGUE_t7qMl9eo6VHftulUtJShAxqxMngq9Q&sig=Cg0ArKJSzOMeaAvzS_KlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 02:41:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A1DD 3 KB
2 KB 65ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 20:16:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1DD 152 KB
46 KB 73ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:41:06 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A1DD 8 KB
4 KB 107ms
17ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138401092306&splc=/43459271/loc-desktop/wdfx/web/homepage&adu=21957033208&unit=728x90&btreg=6084843041138401092306&btadsrv=6084843041138401092306&ctx=19955922&cmp=DV451308
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:41:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 14:24:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80e87b37ebe6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H2 200 14941923498515493524
tpc.googlesyndication.com/simgad/ Frame A1DD 37 KB
38 KB 65ms
16ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14941923498515493524

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e2a7741be63f59de3c7649731a377fe6b2f4dafa1750a924811dd45f73a54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:22:51 GMT
x-content-type-options: nosniff
age: 397095
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38310
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:54:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 12:22:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A1DD 0
0 71ms
26ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxeGPlIS13xWtpNZqClDYjQdKKdwKOtZz_Eyr6jXr6mOtdiUpUk7-RRtISubn0x30A8jZHTxJyOQKW7-wTelAnV7vD_A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 58ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 114642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:24 GMT

GET
DATA 200
OK truncated
/ Frame A1DD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 083a81a7c987c9751419f01d26ca7539e7661e73a7159843cf8f06b34eb36233

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1DD 0
0 92ms
54ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssIjp3jgJh8wZtu5Gzinr44FkBcZRLGqIRWbHHw5VJYB-TeMu7fghaUokoNUUfnaJT7lFHD5AGa32V0P65Y1yfZ52epjYsGtwzTiS5137fdKOhZGfXMkbl15zdK5vGHcwu6TiheaWAMnml286m2CVZOJCE5RTP8e3onKhXlWmKsmTIgRUSibwQNqxBMdTvyttRpekv5BhOzEZfCogmlF6O4EI8rkDmO6yRwhfFBNAVgMS9Ouzw5HfBelt6dWf619y_2l3WFPO6pgfC_8aDI9ml4uvDCCKCumOqrklJJ8T3Igy395CtNNe5JGdNpAJ8Hj-eUHn9UGxBbLa3f-88ru3mOmNGQZKp&sai=AMfl-YSDTk4bCs7J5IXynx3zsJzUTwIBJm5yNCA4JNyViJF2SU-icyKmDDij_MsXvVhGX-Q3OmyB3cUee6Rkz6Yq0pZBN_t2-MDmg3O-ZPgdCLbtmoEc1IXYz2HukcL3I4liuBVfyQ&sig=Cg0ArKJSzIzoA5tH9o3gEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 02:41:06 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 6D1B 545 KB
105 KB 17ms
17ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:41:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 6D1B 8 KB
4 KB 216ms
27ms Script
text/javascript 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=66&ttfrms=46&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH57I7%40Ibc%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH57I7%40Ibc%5D4%40%3ETar9EEADTbpTauTauHHH%5DH57I7%40Ibc%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=14&ddur=111&uid=1666752066576463&jsCallback=dvCallback_1666752066576337&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wdfxfox34.com%2F&fwc=0&fcl=454&flt=47&fec=922&fcifrms=2&brh=2&sdf=2&dvp_epl=154&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138401092306&btadsrv=6084843041138401092306&adsrv=104&unit=728x90&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138401092306&splc=/43459271/loc-desktop/wdfx/web/homepage&adu=21957033208&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=432810370545.43353&dvp_tukv=5704711748.534826&dvp_uuid=1731040222.798918&dvp_tuid=1102260111807
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 137d0af41219c7b514962e0c81c6a3ce841516866d4d280b65c6f10b39057829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 02:41:04 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 10/25/2022 02:41:06

GET
H3 200 container.html Show response
e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 768C 6 KB
3 KB 49ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 02:41:05 GMT
expires: Thu, 26 Oct 2023 02:41:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 768C 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy6B5Qp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEiQJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0Q-WaGL6FloZsfQOrqCscGaGCB5raPB5enwE0DFmdksBxEvrTzdf4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02MDQyMzczOTUxMjM3NTAyGK_6Fg&sigh=yIuXpx4teDc&uach_m=[UACH]&cid=CAQSPADq26N9dfz-fWFfWwv-Cz7ETeTcS--siaRbCWz6R4hXT2azutw6S-GQ6YuZEzX_af_rcVvW-MTIn1nXMBgBIBM
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 768C 0
0 74ms
30ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gcveh380axqgxq28g51gq11je603hrwxe3far3vtjtnxffg7tt703mbqm7sjj910bmqjvp3hex3fj4g46gj6q6y2wgtmt78vtt4n8vf46f5nq2v6fmke0pzs6ncz475nnc3py06c7ye41cymcjcw21863ndv7xv69jycg99xefk9fa1kgmnn8d948y44mt9v1ms0pnx39trhjjy87bf7e01wg45e0b5svn4kx3s27m306xt0tya8n8am74h4rwbcqn33a7s8mwtjv175xx17ywymwa7f5qts8x8s854vvev00k01xry2y3yttvrvws5ks0kj02029ywhfa3mved2x8ywk3wskcpcbe1af7x5m8w11b3f860mjvvpst4370myxqv810brvs780pfhvfkvpxdwyr9m605&b=Y1ieQgAFD0oIEd6pAAhkixnRQvH8rDdF0MQ4Zg
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Oct 2022 02:41:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3253 2 KB
3 KB 73ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hdb65cz43x7x4gejw3h5ehhdfsnrkw92fb757b3081j0bvtjj1njn59pcxmjxg5jfymy4m7hctk0scgy3g2w6q6nz5gykssc59t52dh7d7b7m076nkd20bh3fexssgzbjgkdzv30xvr2tjypfa7heary6d3rtyp147nh55wg8a3mg1z6bca8hsp0fhha04wed1nvqg0njbwrj2mb68zyjhpvdpc4w5ajbtbmvkgd7kaj987t0gnt6kr4tdf5fe629y8avdkp45e3atm8eqc81hpvwc2j8c2tjh5m0d1n9h51qe7j166hf7yg94f16ythtgm88pg7j4p4rtm0jweksc3hcz7fp7fwdf0wwk3w3t0d8bt1hf8d6b5w1w25r8cvxpthj4rqvvtc8r710snmp7ncd0bhxcxhvkw36fxkqst4p6hx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%26client%3Dca-pub-6042373951237502%26adurl%3D

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c91e8f2c6f2a48da3092f7d676b5089e8387a2f30ab353412942e33c8eaca2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75ffd4c12e8e9b39-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 02:41:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 768C 3 KB
1 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 20:16:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8D90 1 KB
643 B 49ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 11:22:46 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 11:22:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 768C 17 KB
7 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 768C 0
0 61ms
26ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTP5UV1pOCdTUKyJGO31Q_IZV1wYzdksrkayeGXHo-aR9T2KhL69uLz4GaB4UrGyBkfBoiws3Vm7726P26e0lw16KwZQQ
Requested by: Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 768C 22 KB
7 KB 50ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 08:48:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 768C 152 KB
46 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:41:06 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8D90
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPXtViDiWILYW5qmhTQwuq4&google_cver=1&google_push=AZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPXtViDiWILYW5qmhTQwuq4&google_cver=1&google_push=AZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bF...

43 B
443 B

189ms
180ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPXtViDiWILYW5qmhTQwuq4&google_cver=1&google_push=AZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75ffd4c2cefd6927-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1254
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPXtViDiWILYW5qmhTQwuq4&google_cver=1&google_push=AZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_vSVkQja-IZmsAtpo90EB9zs2bZxZgPAn1LfD3DJRo3crxspOxmhSzTnurl0JGYZB356hUnlxYtlgO9G5XKTq9-AA15bFJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75ffd4c18da86927-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8D90 0
191 B 127ms
35ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBWWjr3YsfineMOxLeK7srI&google_cver=1&google_push=AZmPxg9P0fGcl08pPankraQus2t1GQ5fco70GG_HQRGyXhPjE6itj7TIeyfM6zIOFki9G0jMxM4-d-4Jk2mlGQelNkJzRSspml8OiA
Requested by: Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D90
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELgz6pD75yZ5f-szOzI5uYE&google_cver=1&google_push=AZmPxg_gqPTIp1-3Z13DCOk_PNRZdEikVF_eKI9kj_IbXY7MXZ3feE8tQiPHGPHiIbWZh-Zb4VfnUftPBxY_uq2l...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=P2xlxml-QK6U06Ulfq4scQ2&google_push=AZmPxg_gqPTIp1-3Z13DCOk_PNRZdEikVF_eKI9kj_IbXY7MXZ3feE8tQiPHGPHiIbWZh-Zb4VfnUftPBxY_uq2lBDMAG9gCN5Eyxg

170 B
188 B

29ms
26ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=P2xlxml-QK6U06Ulfq4scQ2&google_push=AZmPxg_gqPTIp1-3Z13DCOk_PNRZdEikVF_eKI9kj_IbXY7MXZ3feE8tQiPHGPHiIbWZh-Zb4VfnUftPBxY_uq2lBDMAG9gCN5Eyxg

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 02:41:06 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=P2xlxml-QK6U06Ulfq4scQ2&google_push=AZmPxg_gqPTIp1-3Z13DCOk_PNRZdEikVF_eKI9kj_IbXY7MXZ3feE8tQiPHGPHiIbWZh-Zb4VfnUftPBxY_uq2lBDMAG9gCN5Eyxg
x-host: tde-deliveryengine-production-7496bf5f48-4578t
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8D90 43 B
351 B 116ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMKdLHNLaHoWtxyxSRfx1_A&google_cver=1&google_push=AZmPxg9vXxG8gUNrpEoO42Z3_Bv52UFOk_ilRlKThlTsncoPaykoa50cAzZTdHa5adqkQcjKs68pirhI63ZM0FBNwd9F5-ES2EYtHg
Requested by: Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: mpg9ncdlj6qsk7ql19n0eaqggjotjbdr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D90
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lyW95s-bR1-R7NuQvz4EZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
25ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lyW95s-bR1-R7NuQvz4EZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8HwqBDO0NR3mlUIBQkqtf_wPysfR3T3Lthz-pUvjbTtAhP_eJOUeax6KRSdYUKB2KC0a8nzu5XXbNEAkcthiLVctvvaw2WTw

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lyW95s-bR1-R7NuQvz4EZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8HwqBDO0NR3mlUIBQkqtf_wPysfR3T3Lthz-pUvjbTtAhP_eJOUeax6KRSdYUKB2KC0a8nzu5XXbNEAkcthiLVctvvaw2WTw
date: Wed, 26 Oct 2022 02:41:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8D90
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDNJNy1wiVCYWmhSErHNTcw&google_cver=1&google_push=AZmPxg-QBwp7YF1SODgDWt9C9uj0DqSTFfUhzvTzpHp00F13RAtgyElxrlrB7hdJpQ50I0rIrUVgszSJIyxe...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-QBwp7YF1SODgDWt9C9uj0DqSTFfUhzvTzpHp00F13RAtgyElxrlrB7hdJpQ50I0rIrUVgszSJIyxeCJJDG5CtJyv22GEtdw

170 B
329 B

31ms
23ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-QBwp7YF1SODgDWt9C9uj0DqSTFfUhzvTzpHp00F13RAtgyElxrlrB7hdJpQ50I0rIrUVgszSJIyxeCJJDG5CtJyv22GEtdw

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-QBwp7YF1SODgDWt9C9uj0DqSTFfUhzvTzpHp00F13RAtgyElxrlrB7hdJpQ50I0rIrUVgszSJIyxeCJJDG5CtJyv22GEtdw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D90
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-108779ae-d927-4660-a306-e3b709ba8fdb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-GwnXIFiDsplZoF_2U4...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw&google_hm=AxCHea7ZJ0Zgowbjtwm6j9s

170 B
188 B

27ms
27ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw&google_hm=AxCHea7ZJ0Zgowbjtwm6j9s

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GwnXIFiDsplZoF_2U4FW55lEE-sdzWQCYUD2kbfTw-3Ba4nZ78A7TcW7n_7Vg76V3AT-_u8zAcrR5BzcNS3OmcHUxTw_Lgw&google_hm=AxCHea7ZJ0Zgowbjtwm6j9s
date: Wed, 26 Oct 2022 02:41:06 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX108779aed9274660a306e3b709ba8fdb003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8D90 0
232 B 89ms
19ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfiS5zVjMnPOJyxJFye5z0tJzq-IttbUcyel51HE9LaK5Ekd7sXUfn_J47c8fP7rZWB-dR

Requested by

Host: e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
URL: https://e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 768C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd6120e671cb88765871fe6a8eda45e192136ba52b87ed47bd849c9c6d86ba94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 3253 89 KB
11 KB 100ms
81ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hdb65cz43x7x4gejw3h5ehhdfsnrkw92fb757b3081j0bvtjj1njn59pcxmjxg5jfymy4m7hctk0scgy3g2w6q6nz5gykssc59t52dh7d7b7m076nkd20bh3fexssgzbjgkdzv30xvr2tjypfa7heary6d3rtyp147nh55wg8a3mg1z6bca8hsp0fhha04wed1nvqg0njbwrj2mb68zyjhpvdpc4w5ajbtbmvkgd7kaj987t0gnt6kr4tdf5fe629y8avdkp45e3atm8eqc81hpvwc2j8c2tjh5m0d1n9h51qe7j166hf7yg94f16ythtgm88pg7j4p4rtm0jweksc3hcz7fp7fwdf0wwk3w3t0d8bt1hf8d6b5w1w25r8cvxpthj4rqvvtc8r710snmp7ncd0bhxcxhvkw36fxkqst4p6hx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%26client%3Dca-pub-6042373951237502%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hdb65cz43x7x4gejw3h5ehhdfsnrkw92fb757b3081j0bvtjj1njn59pcxmjxg5jfymy4m7hctk0scgy3g2w6q6nz5gykssc59t52dh7d7b7m076nkd20bh3fexssgzbjgkdzv30xvr2tjypfa7heary6d3rtyp147nh55wg8a3mg1z6bca8hsp0fhha04wed1nvqg0njbwrj2mb68zyjhpvdpc4w5ajbtbmvkgd7kaj987t0gnt6kr4tdf5fe629y8avdkp45e3atm8eqc81hpvwc2j8c2tjh5m0d1n9h51qe7j166hf7yg94f16ythtgm88pg7j4p4rtm0jweksc3hcz7fp7fwdf0wwk3w3t0d8bt1hf8d6b5w1w25r8cvxpthj4rqvvtc8r710snmp7ncd0bhxcxhvkw36fxkqst4p6hx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%26client%3Dca-pub-6042373951237502%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 573957
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 11:15:09 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75ffd4c1fec99a09-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3253 36 KB
12 KB 36ms
26ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hdb65cz43x7x4gejw3h5ehhdfsnrkw92fb757b3081j0bvtjj1njn59pcxmjxg5jfymy4m7hctk0scgy3g2w6q6nz5gykssc59t52dh7d7b7m076nkd20bh3fexssgzbjgkdzv30xvr2tjypfa7heary6d3rtyp147nh55wg8a3mg1z6bca8hsp0fhha04wed1nvqg0njbwrj2mb68zyjhpvdpc4w5ajbtbmvkgd7kaj987t0gnt6kr4tdf5fe629y8avdkp45e3atm8eqc81hpvwc2j8c2tjh5m0d1n9h51qe7j166hf7yg94f16ythtgm88pg7j4p4rtm0jweksc3hcz7fp7fwdf0wwk3w3t0d8bt1hf8d6b5w1w25r8cvxpthj4rqvvtc8r710snmp7ncd0bhxcxhvkw36fxkqst4p6hx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%26client%3Dca-pub-6042373951237502%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57664
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMuE2ae1m8yBpp0MKIyZK1iYU89cF6XW07IvnyVupl40nxBkM6DHyBGFtFpQZdbo6552uNsNkUFwk6DUpWQZwFnrkMH04X7snzXYHnfo%2Bgam1z8CQXc4dw31m4PD0Aa0Ou93tj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 75ffd4c19f099b39-FRA
expires: Tue, 18 Oct 2022 10:40:08 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3253 3 KB
4 KB 71ms
27ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23656348
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fb2K6MrsBmOpJ9jRskKRDvx%2BBqCrSf3C5wS2GSqTrs28FEDfDM807wCM4%2FXcGz4%2B2wMSm2NnJ7c32VjWkDNPUEccyd7LA3LhCIujy93aUrpsqdiMwpDu62o%2FcA6t960ek8KlOKkjfP9w%2BENI5nhwt8Mt"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 75ffd4c27c249b45-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9F90 2 KB
1 KB 30ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2615754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 75ffd4c24f2e9a09-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 02:41:06 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIhUvM71yCIyl9Hqn3bKp77DhdoJ93mijhzOumaPNYUhkjCTud3aAtkI%2BhnGyXJA6PUdOsTIWNNmOpfTCkZevngZiCcja%2FOKDbJrd9eyZMDZNfr5jVMQmqRzSW86rP6cAf%2FOy00%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 3253 2 KB
2 KB 54ms
54ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc8d5e3d2a5146954891ce1d0cfb006517b179f8247c3f98f85bf3d646c9b90e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXJj0t5pFIiivlbzGaPK8Q58JrHao%2BLsTWEKoqzKEb2dIHOqj2Jlty2yJmYXlYVhejfCi1f3t14C6DTMhBrVaAUosc3POUt4%2FF%2Bf5UMQijMO0P%2B6LIKGTdECJDWY6B7yoh1mtOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 75ffd4c2fe2268ec-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
45ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75ffd4c2add068ec-FRA
content-length: 24
content-type: text/plain
date: Wed, 26 Oct 2022 02:41:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow4A%2FZNveW0SvoGFBouabI%2BFu7oUjmkzrMZICpsCM0CkN0taYVTDNYK4KztTdHHFm00JJEW6O3ypBcoGLrd4zgUV1xIGLna3%2BCk3vUFD3BZ6Ickgz2v0AWRry3sB6VKE%2BgP4ERI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9720 11 KB
5 KB 30ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b4778a244a5b3bb89aa9c073a4efeb8687c8d2a67b96481576aa9a029e9eb1b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hdb65cz43x7x4gejw3h5ehhdfsnrkw92fb757b3081j0bvtjj1njn59pcxmjxg5jfymy4m7hctk0scgy3g2w6q6nz5gykssc59t52dh7d7b7m076nkd20bh3fexssgzbjgkdzv30xvr2tjypfa7heary6d3rtyp147nh55wg8a3mg1z6bca8hsp0fhha04wed1nvqg0njbwrj2mb68zyjhpvdpc4w5ajbtbmvkgd7kaj987t0gnt6kr4tdf5fe629y8avdkp45e3atm8eqc81hpvwc2j8c2tjh5m0d1n9h51qe7j166hf7yg94f16ythtgm88pg7j4p4rtm0jweksc3hcz7fp7fwdf0wwk3w3t0d8bt1hf8d6b5w1w25r8cvxpthj4rqvvtc8r710snmp7ncd0bhxcxhvkw36fxkqst4p6hx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%26client%3Dca-pub-6042373951237502%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75ffd4c3486c9a09-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 02:41:07 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 9720 89 KB
11 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 573958
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 11:15:09 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75ffd4c388ac9a09-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 9720 8 KB
9 KB 51ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1414873
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkcQL1Hm2YvVJXB3HwbXtKTDme3csqPAwb%2BOvgg0qKq0CEZS7PjWPVFmQtE17JeIWcx04aM8w%2B1OB8EO3bUAPAvrMHSHD%2BHEOH4DWFE8gef8YnRsuoCiFUf2LUHiZ3pn9ugG%2BFoiz7b0Tw6v"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ffd4c3991b9b39-FRA
expires: Thu, 27 Oct 2022 02:41:07 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 9720 93 KB
94 KB 49ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 550170
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8a8IRhIKQJCAN9dB1MzXgzwNV85iDFKVKOtTixiUWakTP3lRgY7pk2E6ZuAkYiuc1Ly6mGXTay%2FLWXqggp3AwLKg4odAs4qzl1MJuNulP29jJSFPICiNZaJYNC2tZTmssgMY8KoPnaxbWta"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ffd4c3991c9b39-FRA
expires: Thu, 27 Oct 2022 02:41:07 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 9720
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CP_ikqfv_PoCFQaddwoduJYB4A;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666752067_a4807fe0-54d7-11ed-9d10-2262c713b6c4

0
517 B

108ms
29ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666752067_a4807fe0-54d7-11ed-9d10-2262c713b6c4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 02:41:06 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 26 Oct 2022 02:41:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666752067_a4807fe0-54d7-11ed-9d10-2262c713b6c4
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 9720 18 KB
19 KB 28ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25388
cf-polished: origFmt=png, origSize=35453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxI15ZAkttD9SUnv7aljBBITw%2Fw3DvXQui6kocY2RGLMMmfxZdI7DaYer1mTb%2Fe1htcGeUw570bQrw4mLuJ2cHF0hf7Z6z7b1clNXSMWXaIGwBsQ89u%2BhROzS3lKxHslz%2FfWJycitjgTxqC1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ffd4c3991a9b39-FRA
expires: Thu, 27 Oct 2022 02:41:07 GMT

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 9720 9 KB
9 KB 29ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459832
cf-polished: qual=85, origFmt=jpeg, origSize=83479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI3%2BfTzevuDr63zUukVa6QiPZNzSl0BIZSAkYre9ehhVf7g0WO1SudRJzpRXwfAfhzwmt%2FoYE0w1%2FqHLVP82DO5b3xrHr13016ZkdKB77ykxvUoErahDLy5XQmuabYcIIi8iopAXg5s1Uaf9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ffd4c399179b39-FRA
expires: Thu, 27 Oct 2022 02:41:07 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9720 43 B
705 B 99ms
49ms Image
image/gif 23.203.81.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.203.81.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-81-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 02:41:07 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 9720 127 KB
128 KB 30ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 549660
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW%2Fa8WL6EZDI7%2Bii6o18T9k76DX%2FwOa6elLh%2Bk6ifvwgykt02FIbKM6x0KSpJHALZtyVfE7v0LJ7wT4OCnZN288TLEPlOchBUv8BF4hM96o8jb%2B8cEHBPmJUdkzeOLm50EIj0hskate%2BFdEg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ffd4c399199b39-FRA
expires: Thu, 27 Oct 2022 02:41:07 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 9720 461 KB
462 KB 48ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1749703
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAsvJcYoWUI7x2Vfpik26w3%2FThLghVV%2BoJxyo6ACxgeOE2F51Omnb%2B5kca6a74NV0vhb2jw4F9YpJY5kAu%2BdHZqHxFQQmYsp4dcHSsvifGUxcqtHJAC%2Bf1l5xcPE%2FmyxbVsAddnti5HMWFTQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ffd4c399189b39-FRA
expires: Thu, 27 Oct 2022 02:41:07 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9720 1 KB
2 KB 164ms
84ms Script
text/html 18.169.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gfz3bmahf7f5kepxqp5cv3ne9a1htx00ccvp9gbdcgcwd81ej0a7b5cttmpkq7786bg8d3nydb88zh3zgx0vwwm6cp77wazk5j9d903gph6tz4z4pxbbxpwgfhw2snjnxneq60sxtgp2tred256mny7bq3ps6vxfbt61j70nvntdbf28aaw6qfx0yzq1vz6760dcygp5mpk7wbrrc7b1dm1zx3qvphkdwrgd92rgjdftg9my8vny7g25wr5cs0nvc9x6%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%252526client%25253Dca-pub-6042373951237502%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-123-253.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 8b4391d4261a4d128e196f61bc5e1d8abd7c8ee8e3cf3a4362a8015faf6c4370

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
last-modified: Wed, 26 Oct 2022 02:41:07 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 26 Oct 2022 02:42:07 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9720 85 KB
31 KB 82ms
17ms Script
text/javascript 65.9.66.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gfz3bmahf7f5kepxqp5cv3ne9a1htx00ccvp9gbdcgcwd81ej0a7b5cttmpkq7786bg8d3nydb88zh3zgx0vwwm6cp77wazk5j9d903gph6tz4z4pxbbxpwgfhw2snjnxneq60sxtgp2tred256mny7bq3ps6vxfbt61j70nvntdbf28aaw6qfx0yzq1vz6760dcygp5mpk7wbrrc7b1dm1zx3qvphkdwrgd92rgjdftg9my8vny7g25wr5cs0nvc9x6%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%252526client%25253Dca-pub-6042373951237502%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:32:01 GMT
content-encoding: gzip
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 14:27:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68947
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: VJg2Lw5YjvNf5iOnXwV1Kgz1xQP-JH0Djqn4slgFaYwSxU4Q4DhGww==

GET
H2 200 link.html
track.webgains.com/ Frame 9720 48 KB
49 KB 97ms
96ms Image
image/gif 18.169.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C14044%2C183975&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=da1e4ec908498e260fa65908085380a1%2F14454374102723978619&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666752067062&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hmhdfqa99xvzjvex0pad8xwpn16yc38dv5pdbqscn2c8zbek3st5p4gzkt4dtxeab0qzvqzb2b6btnwcfa5f7t6qnkc4aw8s3xmhrkt6dj7eg6bbn3ztne0bg9fge3chjdzm7c23z6wapschpasbwsw534ke74z4ndemm2vansc82vt99vgkcb6w7f4jvabspjhvrxscw9h9qmqprs89r5z1p0hp31jw6mm9b32zmv5pdbhrddqcswrfewn0h431q5w56mz8a6sqzpjn440%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOL-uQp5YY8qeFKm9x_APi8mh-AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQyMzczOTUxMjM3NTAyyAEJqQKNZ696yrSwPuACAKgDAaoEjAJP0N6l9XbQjQ-KgwQYf69bdHfB6akhvZBI0zDLiJWKNqwrkpGQNd5K7Qu8vLXk06BtQolAkytFspEYjU5Q5BcjVCne66HWtcHXlsPjtF1C7nK30p367tK1brbSlhwP1jWCQHFg1mYJaXT_jl_s_TZ0JoVBtbE0yy70rvxEv4L7URHEyqKP0Cchzfg5tgDcq__Mj6yF7JhkLmYr9NKmkbHwI2Arw3x-jYoe-YI9-3UnfUHx5fyM7uzspqfecA9qDDRhUV5Qa9RkvH70vegU1uJJ4ktN_82DTvYY30KWXLLN5YRt0U2USfAt791ZeXNGOHrl4pS_HBTGYt5hp_zGmaOe4lUt3J430HeXKTOO4AQBgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ZDqiU4pGgAvnXm_VGCxq_f8Hazw%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-123-253.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
last-modified: Wed, 26 Oct 2022 02:41:07 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 26 Oct 2022 02:42:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A1DD 42 B
64 B 83ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHMT_t5JYi2SVYWqUoaGQvAWwZCqYJIp8dyBNQRh1MsMKlNiX0g5rPojIfkJOprV0VSL2xsgY0Kd62zJTmVOOt9sNke1JYzUcHZ54-QrIHaSm0LA62&sig=Cg0ArKJSzHzL05vxgHhFEAE&id=lidar2&mcvt=1002&p=876,256,966,984&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221024&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2107240&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666752066304&rpt=151&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 59ms
35ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a425f0d2c3f6f6e33ae9c2717869fbd1f423444a5bc2ee60fdb05dee0822975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0

GET
H2 200 19476095_G.png
wdfx.images.worldnow.com/images/ 26 KB
26 KB 38ms
36ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476095_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1efe771f5589f06a1b158d846b13af0ab0158d1b36a2c2f391e075c3132a9208

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 26509
cf-resized: internal=ok/r q=0 n=80 c=24+71 v=2022.10.4 l=26509
last-modified: Mon, 08 Jun 2020 15:04:32 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfgPoyEgRJIi208-eMatT4lA:f9eff51d0deb5b205d0daccb71009286"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c5ebd85b3e-FRA

GET
H2 200 19476097_G.png
wdfx.images.worldnow.com/images/ 144 KB
145 KB 34ms
32ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476097_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd7482bf991eb7dc9fb12dcdac98dc8dde2ed1c80617eece7e00ced675b8d08

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 147702
cf-resized: internal=ok/h q=0 n=15 c=40 v=2022.9.6 l=147702
last-modified: Mon, 08 Jun 2020 15:04:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfPyQQOWOIgdEm4XZ4c320oQ:0fdf37cf3c8081d207780dfbb62fabaa"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c5ebd95b3e-FRA

GET
H2 200 22945485_G.png
wdfx.images.worldnow.com/images/ 91 KB
91 KB 39ms
38ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/22945485_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c997dd2117e327864cd06743f204f152fd1d00fcd5e718f666328249663cef3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 93064
cf-resized: internal=ok/h q=0 n=18 c=38 v=2022.9.6 l=93064
last-modified: Tue, 05 Jul 2022 13:27:26 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfR7NEXtLBWAcAzHluP6Am4A:e0a51ececd9ecf1c36eedf3abbb23cf5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c5ebda5b3e-FRA

GET
H2 200 23522128_G.jpg
stacker.images.worldnow.com/images/ 7 KB
7 KB 32ms
31ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522128_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666191121000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0cf7c1797e6534470bccea76daf1e0b8d07fb96cec70a1ccafda988ecef29e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6960
cf-resized: internal=ok/h q=0 n=8 c=6+23 v=2022.10.4 l=6960
last-modified: Wed, 19 Oct 2022 18:52:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfHZBJVJHtRILBWyS2zsQZvQ:2745c2b5ef129d7c49fab03d1711b752"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c5ebdb5b3e-FRA

GET
H2 200 23523190_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 29ms
29ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523190_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222444000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28981d1ac39524dbd9a0ed83162f052006aad8748008c4de46fa27ec1c59312

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5781
cf-resized: internal=ok/h q=0 n=11 c=1+9 v=2022.10.4 l=5781
last-modified: Thu, 20 Oct 2022 03:34:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfvC8aKidGBC1X-mijoM3WkA:4768e35c9fbd38354f6ee8279fba872d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c5ebdc5b3e-FRA

GET
H2 200 23477332_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 37ms
37ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477332_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509455000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ddc763f362ec861248b814820095bc3feb499f5f684251b4a85d4ad3cfeee4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8249
cf-resized: internal=ok/r q=0 n=24 c=8+16 v=2022.10.3 l=8249
last-modified: Tue, 11 Oct 2022 21:30:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfPIpaIQpqnJmjV63_Eofmwg:19e5d2e72dcafcfbd104ce5a860dd191"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c5ebdd5b3e-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:41:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6768 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 22:34:24 GMT
expires: Wed, 25 Oct 2023 22:34:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 882C 783 B
534 B 26ms
26ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9bd44136d6962c88d5a51be8e2ef579e935a617d18becfb96dc1a1ba11f29fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q0UiqW5yTaDrQaZBYpftnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Q0UiqW5yTaDrQaZBYpftnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 02:41:07 GMT
expires: Wed, 26 Oct 2022 02:41:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 22952504_G.png
wdfx.images.worldnow.com/images/ 96 KB
97 KB 41ms
40ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/22952504_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d50e019b6f544bdaa43f220a5c2f2949dcc61f7d4d3dbc50d5dfe53b6c1b85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 98722
cf-resized: internal=ok/r q=0 n=84 c=45 v=2022.9.6 l=98722
last-modified: Wed, 06 Jul 2022 15:18:57 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfMDkd84C_MhkjRFN6ns2Epw:3236ecd8296782eb71f52d397b2a5af8"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c6bc7d5b3e-FRA

GET
H2 200 22966030_G.png
wdfx.images.worldnow.com/images/ 26 KB
26 KB 33ms
32ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/22966030_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643bba58ce61488334e10de9ebeecb1a92ae0ede0cc30d40e67b572ba6c5a0f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 26325
cf-resized: internal=ok/h q=0 n=10 c=10+40 v=2022.10.4 l=26325
last-modified: Fri, 08 Jul 2022 15:57:07 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfuv67sSBDX8-H11BDNoAV3g:c181afbc7b4931129ed39ba4b40dbff1"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c6bc7e5b3e-FRA

GET
H2 200 23010109_G.png
wdfx.images.worldnow.com/images/ 39 KB
40 KB 40ms
40ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/23010109_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff22f5016ae32a579105d44e94d8910dfa94de4f78690e713657f3db0238bc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 40296
cf-resized: internal=ok/h q=0 n=26 c=11+75 v=2022.10.4 l=40296
last-modified: Mon, 18 Jul 2022 15:04:41 GMT
cf-bgj: imgq:78,h2pri
server: cloudflare
etag: "cf8EBJmT53NC-5EDS0_TC4vw:eb658cff30664ae78e63e8b800c2598b"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4c6bc7f5b3e-FRA

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6768 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 16:28:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 882C 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=377537433236964&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6768 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F1J3cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9720 16 B
232 B 74ms
74ms Fetch
application/json 3.9.45.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.45.93 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-45-93.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 02:41:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 113ms
28ms Preflight 3.9.45.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.45.93 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-45-93.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 26 Oct 2022 02:41:08 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=377537433236964&bg=!GRqlGl7NAAaaxvStusY7ACkAdvg8WruwIUruB9Otlb3rmtkT4VVT25ZC0XjfkrPeiLJH4XFuUwdxCQIAAABTUgAAAAJoAQcKAMCwFM7AEcJiRlEQ91t-cNidmDNAAofS_RcrGJRa6ke0Z4369BJHSyPcnoKcQQKdB40kEs1oeLzkfI2julL3NKmdUgYfjcjo6n0aNft-oiIp3xFzybZk8_Wl76ypOAUutAuX-XShLlETCY38CDU7TTBELlrnSiyyqMN8_XTxvmCVx2AykDzLOaAc2pht5KFba9NV5J0z-waBxMwpiUegbfZHKNTqwhPaXbykfg4j68lcrF-goM4CslrDFJh61MTLA5iZAqqwu-yuCJZr01J914CBxRh7efe1MZxOlfVSizSG6Hr8Hp-PMGrV7pjXWEE51npuokh0DM_Mjvbf_9iHmRRGNlTWXxs5KhxtFDn5KiU9qrsxI4dzJq5V3_CG7QlpHTFDcFW5sOxnboOUlUlS5fW9kmlAvVyCjgWnsi3jdjDqRsLZF3O7EuLTFUhkzywd2SWZ2uBsxlC01bDMqTgvnUTMcZP-K5eFBTv_f5L4lfd7DTb-tLPBEdK4cnJ0TKdkNadJRes7EZY6XWnZqxiBepA7VrNy6dht-E_a318GCOfJmCg1QSEhLICuEGP6VW9kD5a2bSbfKEz3urXt5IGa0keeK-M1MlTKP643O7eugcor3z-kmmXBU7Rl5YDClEEhjfPCy8ajSQtuOrwfDgKsdLozN8YgEfUTGmXtHsSq3FijDG6SjyXoBxL7yQ633UrVS0qwP4QZuVWew1_wQUGO-v4YvvPC69KEUqGNSs5tPsCzLcIuvNBKyUcAjbIZ68iAAm15h-snRF0hZYyazy2WhKMK4zt4oWerZTtLFq2bmVHybaeMyrJLduri_XHjT7LaGpfAj8vByfnB0DAH3phdcGMzBDRS1FWdw2Hf-TGCEF1Mtlebg0Eu5YjeLGDg-sIF7K7h1xcSTfvKtVtWR9yDgUws1hEt5xrdAxiKst0KWx31l1lla1RZsbgclHAbFiL2ZNSNnK9_2ZZDx8MJL-64pk1CNPwUMMDad4Wk-jaShDAj7cn4Eh55qX-fXENiH8f7ZZiMKv8MjWJMQhpEG7O7aL_o-SovIWBVZJKZHNbtrTYP_tKitKJXgsl_4GPuTeO2yPh6acCjVUx1rA4CFlgLWem8xMGIlGif4xK9JLuCrfsWZuyEJWVN39banEjcsUrBih8gRfqiu1RU-Q3n3POm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 845 B
610 B 151ms
151ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36312

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cbbf409c010ece440595a5a84751cc1d3b1121e392016dbca8004a737fef28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 461
x-xss-protection: 1; mode=block
x-response-time: 194ms
server: cloudflare
etag: W/"34d-SOUAkUnHnms2GX4AkeOrC8vsRvo"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4cd5ef4bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:08 GMT

GET
H2 200 26_cloudy_day_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
2 KB 131ms
130ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/26_cloudy_day_night.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5986fbf89a06e3788ae62c05a8fbe38cac3034377a9602bdab3c651c7a19eb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:08 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 16:09:54 GMT
server: cloudflare
x-amz-request-id: RX412A693SFXF1JW
etag: "febd94620a53d84f3d864c9cf5526544"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4cd5f4c8fd4-FRA
content-length: 1983
x-amz-id-2: uaZo2dsKdPrzRc3LvwQPYQBRTljDdGUxcDllo1aQ9R3UjR4DIH7FSJ87AVbN79f18WpVwa4CKSE=
expires: Wed, 26 Oct 2022 06:41:08 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 6D1B 0
210 B 79ms
26ms Ping
text/plain 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=05338f3cb64944f7a298baac0819b81e&gdpr=&gdpr_consent=&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=218&eoid=12&msrjs=3130&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274241&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=111&tetms=11&msltms=36&vltms=218&sei=289&vetms=12&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=786824&msrcannum=4&ismms=61&isumms=60&nvr=6&isgmmims=61&isgmv4mims=61&elmtp=3&isbxdms=3061&b11=3177&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&lftb=3177&sftb=3177&msrdp=1&naral=786432&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=961&isuiabvms=961&isgmpims=60&isgmv4dpims=961&ispmxpms=961&engalms=58&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3269&cbust=1666752069805958
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 26 Oct 2022 02:41:06 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 10/25/2022 02:41:09

GET
H2 200 19476097_G.png
wdfx.images.worldnow.com/images/ 320 KB
321 KB 29ms
29ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476097_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ba3c9fe481f2762d707727eeb02a9f3815098fff075f6ab8a535fb222b09cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:10 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 327625
cf-resized: internal=ok/h q=0 n=18 c=13+357 v=2022.10.4 l=327625
last-modified: Mon, 08 Jun 2020 15:04:36 GMT
cf-bgj: imgq:82,h2pri
server: cloudflare
etag: "cfy_twT_mVyUReXe05rZN_LQ:0fdf37cf3c8081d207780dfbb62fabaa"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ffd4d8bfe75b3e-FRA

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 876 B
622 B 127ms
127ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36330

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e575f71114a5da94bcc4a3dc2a81bf45b65cfd69e184cfa99eadeff75618fd42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 472
x-xss-protection: 1; mode=block
x-response-time: 641ms
server: cloudflare
etag: W/"36c-eNCDCtKuzyIx35GGFL8fSEK6SPU"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ffd4e01bb8bb4a-FRA
expires: Wed, 26 Oct 2022 02:44:11 GMT

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wdfxfox34.com/	1970-01-20 16:35:12	Name: _ga_6YXLQLNYFR Value: GS1.1.1666752064.1.0.1666752064.0.0.0
.wdfxfox34.com/	1970-01-20 16:35:12	Name: _ga Value: GA1.1.80601208.1666752065
www.wdfxfox34.com/	1970-01-20 16:35:12	Name: _lang Value: en
.wdfxfox34.com/	1970-01-20 16:35:12	Name: _ga_frankly Value: GA1.2.80601208.1666752065
.wdfxfox34.com/	1970-01-20 07:00:38	Name: _ga_frankly_gid Value: GA1.2.667042105.1666752066
.wdfxfox34.com/	1970-01-20 06:59:12	Name: _dc_gtm_UA-82494642-222 Value: 1
www.wdfxfox34.com/	1970-01-20 16:35:12	Name: _ga Value: GA1.1.80601208.1666752065
www.wdfxfox34.com/	1970-01-20 07:00:38	Name: _gid Value: GA1.1.438905588.1666752066
.doubleclick.net/	1970-01-20 16:20:48	Name: IDE Value: AHWqTUkl4Tt5ZJTATtMJIgpiqSZmbLh2FJSkNRBsWFXtUEY0TPdh8ch1m4Invze49h8
.doubleclick.net/	1970-01-20 06:59:12	Name: test_cookie Value: CheckForPermission
.pubmatic.com/	1970-01-20 07:00:38	Name: KTPCACOOKIE Value: YES
.wdfxfox34.com/	1970-01-20 16:20:48	Name: __gads Value: ID=014a55791b7b3499-22ead05957ce00eb:T=1666752065:S=ALNI_Mb7WuHbLDjm1Uhaa7CkZSIukMwl-w
.wdfxfox34.com/	1970-01-20 16:20:48	Name: __gpi Value: UID=00000b78716d37ed:T=1666752065:RT=1666752065:S=ALNI_MaI2sRXCnzGjI0mT6g5YZkDybuf3g
.1rx.io/	1970-01-20 15:44:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-108779ae-d927-4660-a306-e3b709ba8fdb-003%22%7D
.pubmatic.com/	1970-01-20 09:08:48	Name: KADUSERCOOKIE Value: 9725BDE6-CF9B-475F-91EC-DB90BF3E0467
.travelaudience.com/	1970-01-20 16:29:26	Name: _tracker Value: %7B%22UUID%22%3A%223F6C65C6-697E-40AE-94D3-A5257EAE2C71%22%7D
.targeting.unrulymedia.com/	1970-01-20 15:44:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-108779ae-d927-4660-a306-e3b709ba8fdb-003%22%7D
.tribalfusion.com/	1970-01-20 09:08:48	Name: ANON_ID Value: aBntmIqZbaOE6iPq6fHMjqNWL3SmYNfk5425t38YVjDDZcmjYpOF86ncDmwhSnLtWqxDoVasSUb7UWnmT9UKwJgp9Q
.awin1.com/	1970-01-20 07:09:16	Name: awpv14098 Value: 412871\|1666752067\|a47200f0-54d7-11ed-adce-2234a4c513ba
.awin1.com/	1970-01-20 07:09:16	Name: awpv11938 Value: 412871\|1666752067\|a4807fe0-54d7-11ed-9d10-2262c713b6c4
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 07:09:24	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1666752067_a4807fe0-54d7-11ed-9d10-2262c713b6c4%22%2C%22sp%22%3A%22awin%22%7D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wdfx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wdfx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 25) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wdfx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cntsyncont.images.worldnow.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
e332d627fd4edf08e51ae8400f235717.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
ftpcontent.worldnow.com
ftpcontent6.worldnow.com
image6.pubmatic.com
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
ngw-static.franklyinc.com
onetag-sys.com
p.cityspark.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rgcbv.com
rtb.openx.net
s.tribalfusion.com
securepubads.g.doubleclick.net
stacker.images.worldnow.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.webgains.com
wdfx.images.worldnow.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wdfxfox34.com
142.250.186.166
148.251.139.77
172.217.16.194
18.169.123.253
185.64.190.78
20.60.81.107
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1a
213.19.147.45
213.254.244.112
23.203.81.208
2600:1901:0:76b9::
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:4400::6812:2776
2606:4700:4400::6812:27f7
2606:4700:4400::6812:2862
2606:4700:4400::ac40:939e
2606:4700:4400::ac40:94e4
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:acf
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9a
2a02:26f0:1700:6::17d5:a18f
2a02:26f0:1700:d::1737:6e8f
3.230.160.228
3.9.45.93
35.186.253.211
35.190.0.66
51.89.9.252
52.160.40.218
65.9.66.110
66.155.71.150
01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7
0558b0023c1c4ef9ad3c1948f9cf1c889992b6038dc9dd482b75caad94339ad0
05dda2cb47317201eb228289f1316b7aa3803e8441a2a1d1d0374e4d52ebe642
065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
07c659dfc9a1b814dc3c5c6c4e7781dec352352f0975800f90c552b7bfbe27af
083a81a7c987c9751419f01d26ca7539e7661e73a7159843cf8f06b34eb36233
0b2803d3980b56c1a1868f7f1374850f2b6a2f9c514c6eed8dbc8b4b0200111c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d6515fe299b835ae987c38bb0f26fc4ba8bd38d9d444c6a6aeb5fc4ee534277
103c62f4ae7e10a5a3cd4a0d307d39254b73e41d63f99794076363de8aba6cdb
12224defb844e6472916edb34677dc2f74755df440eed5711b33a0d0b40190ba
137d0af41219c7b514962e0c81c6a3ce841516866d4d280b65c6f10b39057829
19fbc4dd2faa74407bfca29c7e959b650114ff63916b6555c24e69de2c216a9b
1b08ea0691a25a239e5db2b23367126dda0520d177e3209616e540fc01f5b10b
1c6dce761e72309f05b20d64d404ca9798d126f01de528969d0b37f546bcd319
1efe771f5589f06a1b158d846b13af0ab0158d1b36a2c2f391e075c3132a9208
1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb
2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b564d050cbe98c80ef626b3deb03c4960f8928d2ee11163cd0a012986166681
2c997dd2117e327864cd06743f204f152fd1d00fcd5e718f666328249663cef3
2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3048149bb0d5ab4b5d709224e0216b715c7d0317a403a673408a915fde997477
340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c
38ddc763f362ec861248b814820095bc3feb499f5f684251b4a85d4ad3cfeee4
3a425f0d2c3f6f6e33ae9c2717869fbd1f423444a5bc2ee60fdb05dee0822975
3bc96bdb42eea0c082bdd8871ba75cc9ce6f0c26c866ad5ff87e6de7f73b9a33
3cd7482bf991eb7dc9fb12dcdac98dc8dde2ed1c80617eece7e00ced675b8d08
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
44c862d08f95204cbf4f38d727a8d1b28d6eca292e49602d23493a3d119a0ef0
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4ca6d74cad633ecfab918aeba895c4ec22de204c136ddc7d9779d1a57ccd3b8b
4cc14d01a44646f6ba79e34ed0359b38d4a584055261f6327b052859b17927e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167
512cf51c32f167aa9353d32c3d926ac902b31f815af8b0403c0c0db099440ba3
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b73919ece16c4bb75efbec4adebd5d799c0dfd9d0c3ca787509a31aa18f93d
55c91e8f2c6f2a48da3092f7d676b5089e8387a2f30ab353412942e33c8eaca2
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
57a62640952523260df08a98c8d7f794e2e9cb17d6d81f4a10cf3958237b628e
5986fbf89a06e3788ae62c05a8fbe38cac3034377a9602bdab3c651c7a19eb9e
5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52
643bba58ce61488334e10de9ebeecb1a92ae0ede0cc30d40e67b572ba6c5a0f3
673a628d04deb21b0ab7a9b2b87765a64766c897979cc1b3c89c8961c9d7db11
69e684f1cedb10bebcb5e0b5a85b7b16f1d4218137c17789954cc73564366e10
6b80524fa24b41bc3797a9acd42ec11382b48e8a62027e525264fcb3e9bc3cdc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2
79b467191c78e7168dc4d9a184f2b017c326ea508f423dfa5911fa3077c7e8ec
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6
7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866adc7f11d568a8986a97983445c4f9a2dba2411a30c3eab52d8b2ae966f44b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1b3b7297ec8378a0ec3931fdb5e525c793442a3cdd15ee518064404828b0d9
8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d
8b4391d4261a4d128e196f61bc5e1d8abd7c8ee8e3cf3a4362a8015faf6c4370
8cbbf409c010ece440595a5a84751cc1d3b1121e392016dbca8004a737fef28f
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ff22f5016ae32a579105d44e94d8910dfa94de4f78690e713657f3db0238bc7
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4778a244a5b3bb89aa9c073a4efeb8687c8d2a67b96481576aa9a029e9eb1b
9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed
9c7e1d3e86394ff119878d2c1f69f58daa963d54c8db71098834b57469fbddf0
9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a
a5e2a7741be63f59de3c7649731a377fe6b2f4dafa1750a924811dd45f73a54d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024
aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1
ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db
ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf
b28981d1ac39524dbd9a0ed83162f052006aad8748008c4de46fa27ec1c59312
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222
c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3ba3c9fe481f2762d707727eeb02a9f3815098fff075f6ab8a535fb222b09cb
c6f5cdf1e20839f80503a6c013c0b6734cfebdee578d9c43364d061d90c61a03
c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
cb22a1425e3813bc31425e0c35233761a4e4609ce50812465f9c648d6f3479f4
cc8d5e3d2a5146954891ce1d0cfb006517b179f8247c3f98f85bf3d646c9b90e
ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1
cd6120e671cb88765871fe6a8eda45e192136ba52b87ed47bd849c9c6d86ba94
cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9
d2d50e019b6f544bdaa43f220a5c2f2949dcc61f7d4d3dbc50d5dfe53b6c1b85
d8ca934dc5cc18f06d110f6f7a82671a6a4c4654cddb6d12e6d3b6c8aeb4b244
d9bd44136d6962c88d5a51be8e2ef579e935a617d18becfb96dc1a1ba11f29fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e569af46a2fba96d9faa4b158b60d2ede18a5f3d563ff967abc1ae1b761b9d6e
e575f71114a5da94bcc4a3dc2a81bf45b65cfd69e184cfa99eadeff75618fd42
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31
e94ddde4f3df41ef02b08a889bb56fd90ad9470435159cc27f1bb9a1adf1017c
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4
ec0cf7c1797e6534470bccea76daf1e0b8d07fb96cec70a1ccafda988ecef29e
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7970a4481293947b1bb212efd465130bfa8422c56ed3a47e73cf6d54914462
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71503843ed1c9eb5a6c2cfb90eec64b87ac04228e9c064870f50135c0e3af3e
fe8437cd5a7ada22f5a5991fd0747060211bd514e36f6d41820a68c90c57c633

www.wdfxfox34.com Open in urlscan Pro 2606:4700:4400::6812:27f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

96 %HTTPS

65 %IPv6

34 Domains

55 Subdomains

44 IPs

5 Countries

5732 kBTransfer

14341 kBSize

22 Cookies

15 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wdfxfox34.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

96 %
HTTPS

65 %
IPv6

34
Domains

55
Subdomains

44
IPs

5
Countries

5732 kB
Transfer

14341 kB
Size

22
Cookies

169 HTTP transactions
4 data transactions