www.wdfxfox34.com Open in urlscan Pro
2606:4700:4400::ac40:9409 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wdfxfox34.com/
Submission: On October 26 via api (October 26th 2022, 1:54:24 am UTC) from SG — Scanned from DE

Summary HTTP 261 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 32 domains to perform 261 HTTP transactions. The main IP is 2606:4700:4400::ac40:9409, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wdfxfox34.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on March 2nd 2022. Valid for: a year.

This is the only time www.wdfxfox34.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:440... 2606:4700:4400::ac40:9409	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::6812:271c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::6812:2862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2606:4700:440... 2606:4700:4400::ac40:948a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:939e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
1 4	34.247.139.125 34.247.139.125	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11 20	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 7	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
28	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
5	2600:9000:214... 2600:9000:214f:9a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2600:1f18:1ac... 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2	14618 (AMAZON-AES) (AMAZON-AES)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.11.239.181 23.11.239.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
261	45

10 2606:4700:4400::ac40:9409 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wdfxfox34.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:271c (United States)

ASN13335 (CLOUDFLARENET, US)

ngw-static.franklyinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2862 (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ftpcontent6.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:4400::ac40:948a (United States)

ASN13335 (CLOUDFLARENET, US)

wdfx.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stacker.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cntsyncont.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:939e (United States)

ASN13335 (CLOUDFLARENET, US)

content.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.247.139.125 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.74.194 (Glen Cove, United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.12 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:9a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.11.239.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-181.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147 ade.googlesyndication.com — Cisco Umbrella Rank: 287	690 KB
47	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	314 KB
45	worldnow.com ftpcontent.worldnow.com — Cisco Umbrella Rank: 144531 ftpcontent6.worldnow.com wdfx.images.worldnow.com content.worldnow.com — Cisco Umbrella Rank: 162670 stacker.images.worldnow.com cntsyncont.images.worldnow.com	3 MB
28	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	539 KB
17	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 620 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 546	194 KB
12	franklyinc.com ngw-static.franklyinc.com — Cisco Umbrella Rank: 158251	1 MB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	8 KB
10	wdfxfox34.com www.wdfxfox34.com	142 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	7 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	671 B
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	259 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9427	109 KB
4	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28840	313 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668 www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	gstatic.com fonts.gstatic.com	75 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	129 KB
3	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 32977 p.cityspark.com — Cisco Umbrella Rank: 22523	15 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	795 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	960 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 828 s.tribalfusion.com — Cisco Umbrella Rank: 2234	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1137	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 409	365 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	31 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 863	45 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	457 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13419	554 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 14057	60 B
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 29972	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
261	32

	Domain	Requested by
28	s0.2mdn.net	www.wdfxfox34.com s0.2mdn.net eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
28	pagead2.googlesyndication.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com bid.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.wdfxfox34.com s0.2mdn.net www.googletagservices.com
20	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
19	tpc.googlesyndication.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.wdfxfox34.com s0.2mdn.net
18	wdfx.images.worldnow.com	www.wdfxfox34.com wdfx.images.worldnow.com
14	cntsyncont.images.worldnow.com	www.wdfxfox34.com
12	ngw-static.franklyinc.com	www.wdfxfox34.com ngw-static.franklyinc.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.wdfxfox34.com
10	www.wdfxfox34.com	www.wdfxfox34.com ngw-static.franklyinc.com
8	dt.adsafeprotected.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
8	googleads4.g.doubleclick.net	www.wdfxfox34.com
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com www.wdfxfox34.com
6	www.googletagservices.com	content.worldnow.com eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6	ftpcontent.worldnow.com	www.wdfxfox34.com content.worldnow.com
5	static.adsafeprotected.com	pixel.adsafeprotected.com eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
5	www.google.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	citysparkstorage.blob.core.windows.net	www.wdfxfox34.com
4	pixel.adsafeprotected.com	1 redirects eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
3	stacker.images.worldnow.com	www.wdfxfox34.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wdfxfox34.com
3	fonts.gstatic.com	fonts.googleapis.com
3	content.worldnow.com	wdfx.images.worldnow.com
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	cdn.doubleverify.com	securepubads.g.doubleclick.net www.wdfxfox34.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	p.cityspark.com	cdn.cityspark.com
2	fonts.googleapis.com	ftpcontent.worldnow.com client
2	www.googletagmanager.com	www.wdfxfox34.com
2	cdnjs.cloudflare.com	www.wdfxfox34.com cdn.cityspark.com
2	maxcdn.bootstrapcdn.com	www.wdfxfox34.com
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	ade.googlesyndication.com	www.wdfxfox34.com
1	ssbsync.smartadserver.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	m.exactag.com	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	bid.g.doubleclick.net	eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
1	csp.azureedge.net	cdn.cityspark.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	imasdk.googleapis.com	content.worldnow.com
1	cdn.cityspark.com	www.wdfxfox34.com
1	code.jquery.com	www.wdfxfox34.com
1	ftpcontent6.worldnow.com	www.wdfxfox34.com
261	55

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
wdfxfox34.com
portal.cityspark.com
al-ba.com
www.grittv.com
publicfiles.fcc.gov
www.aboutads.info
www.franklymedia.com

Subject Issuer	Validity	Valid
www.wdfxfox34.com Cloudflare Inc RSA CA-2	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.worldnow.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.wdfxfox34.com/
Frame ID: D53413B0C29F4712845CDEA378F6D0FB
Requests: 111 HTTP requests in this frame

Frame: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E8B6B2D4159F2D330AB1F6A5E1D83C7
Requests: 1 HTTP requests in this frame

Frame: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A830D6D60FB7FB3B47C7F67601426B4F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPoBEMaM84AEGO2bptQBMAE&v=APEucNXu_J7iyTLgcXyGbLcH4K3ncG19o4GM7CovGf1CU6MMr9XGpNuhBhCIsrRe0F7ovVyxYKW8HOqSmiO1PCtyObuhOXVPkYvy6eKF4wy_p_-QdtPFQPauJ3tkSi_wUWLAmQaD6lUpzfx--ICurDxStGGoRhH2-vSmda22C-HDS_kgyY3uODQ
Frame ID: EBFE4019F65727AE56647646660FA548
Requests: 5 HTTP requests in this frame

Frame: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 310A46EFD65D6816A789030287CDFF2E
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7AC62ADE1BFA59C61B6CC200B2933CEA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVWt1dA3sE4ZfVOG7SGo_yNyqqLcaO-CuoXbLVh7oSv5nK_2WNGCTYZZstWPxeDWdi4P1nKvyjcDM0aiwYNq0uwiVnxWfrqbaiPGT_5BYQnWCRYmr14cUzS31o3Om02YVJ-xczatKUQ0EzubS4S_AwoBmiKn-KmbzZBuSQJRUvrc7vkfUk
Frame ID: 87CF936DABCDE004E5BAA5124BCF49B1
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/index.html
Frame ID: 7700AC0589B1BE5D8D80CE631444B58D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyG9fkrDPmUOhi3oZeYeZtwa1dzmU1rKMJXYVEO7Sb-1wXYQhTSA3yfq3U2GygcMokEjpfVlo0M7iZ4RRapezoN5Hbb4k6tQ9b9d0OBhnjlBezt5DqZgO7nDnJt6cZamqRj2zZj1NU3JkMX5RJh9MPxPVpobK-8h6TyrqDB_ei6P6k5j6bfhIAwOD-KT0lTnLnRnw7DGCb01_aryDoIWBeK_o1bJzoGu8cdCrJeu6YuS4KL5krErXBAhvCAZtGes64-1rGIkCJxivRQtz72v3Nrfct8flMbGVH-X-I8d1-KNVQA-aJoX-MI67SrBitw5PX2H1fczLiF_9uu5T1OHg8ICpxl6THSoVhB0-lLtMpxoV2&sai=AMfl-YSarVLd7EjC_O1F7p8yVcXAi8Kdr98rSYfZQ2x66g_-akjMaWXHh9BW1PiA9dhDIjyg_5p7-iFZxV_1CFxRmTAyIqauh4ozMB_Qp-mG830RhQc3XiT1F9gZBnsZpuSnryPL3w&sig=Cg0ArKJSzKBwivMr2FyOEAE&uach_m=[UACH]&adurl=
Frame ID: 0E51E21D7FA9DF8DECA4B3BEEBB37471
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Frame ID: 98EF82DF06CE81C1D757C4CCA22B629B
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B48465A7DF18085B40D4DDFD580228E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 269549F7A9935117CAF800C09A1FB179
Requests: 3 HTTP requests in this frame

Frame: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55218CBA6A48C0037842BA265C635107
Requests: 23 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: AED763330CF4DC7D5055E845382D8FBA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY5v2bvQEwAQ&v=APEucNWdfvXSdrkjDqUYyaN90ZOY4EX2jbKoiqkIZEZ84rntTrVsQppEj6W0NKH-m5AQ6rYFYNXpVc0C0DC_z-qwbD8VQGFLahFsmMk_h_U86bYf49xVGtPFLfuX7yBRL_I4dsSLj2h0FxYZMttK8D0dpjq0ORNhdqY1EfbOTysOdNEt5WU0sbM
Frame ID: 95EAA2D749C405CFF751D663255A1D7B
Requests: 5 HTTP requests in this frame

Frame: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7D984FC10FC60A7652E4089CE89DCBC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNXd6XAloI0hhqeOw2IvePZneD7lZAK7wpkcnDgnsg3w9D0Py3txfTf8W7UPrUtt7dsm7NXlV-EPfg_Sk23A_8HJSO5OMjjHvxvwZ7rR9hp6zcEtSLjaC2kHRfNt6EbaCywF6VHPEYvOP7jHiLvhNbJaXBsTn6f76oYyexDvJc0JXDdiqsI
Frame ID: DA2CE94EF2FCD4DAD0CA91E4D2BD03D7
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
Frame ID: B833E7E7677AD800CCA89B59D0C40BA9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0C22FD47F90ECE20A3CE4B149B79BEE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 55BBFF9EE7D128EB8FDBC3F731DDB81B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4A1475B5B38F2D52CEC46776ED823D3A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EA37D9536FFC0245B8C72B1DD66BDBAC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: 2D0F336AF248EA5EA218F0A028BFC267
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - WDFX 34 - WDFX - Fox34Arrow LeftArrow Right

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

92 %
HTTPS

59 %
IPv6

32
Domains

55
Subdomains

45
IPs

8
Countries

7110 kB
Transfer

17519 kB
Size

25
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pg/FOX34WDFX/posts/?ref=page_internal

Search URL Search Domain Scan URL

URL: https://twitter.com/WDFXFox34

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/PAW-PATROL-LIVE/10602229/2022-10-26T18
Title: Wed, Oct 26 @6:00pm SponsoredPAW Patrol Live!Donald L. Tucker Center Tallahassee, FL86.7 mi

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/FAMU-HOMECOMING-HIGH-SCHOOL-BATTLE-OF-THE-BANDS/11032035/2022-10-28T14
Title: Fri, Oct 28 @2:00pm SponsoredFAMU Homecoming High School Battle of the BandsFAMU Jake Gaither Gym Tallahassee, FL85.7 mi

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/THE-PANTERA-EXPERIENCE-A-TRIBUTE-TO-PANTERA/10819290/2022-10-28T20
Title: Fri, Oct 28 @8:00pm SponsoredThe Pantera Experience - A Tribute to PanteraClub LA Destin, FL84.6 mi

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/ONLINE-WINTER-PROGRAM-REGISTRATION/10432143/2022-11-01T00
Title: Tue, Nov 01 Online Winter Program RegistrationDothan, AL

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar#!/details/BECCA-ANDREWS/10639718/2022-11-07T18
Title: Mon, Nov 07 @6:00pmBecca AndrewsWeeks, AL

Search URL Search Domain Scan URL

URL: https://wdfxfox34.com/calendar
Title: See All Events

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/WDFX
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://al-ba.com/wp2/

Search URL Search Domain Scan URL

URL: https://www.grittv.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/f7972926-7d07-3e10-1ef7-01dbf53ad69c/fbb7b2dd-6fe5-4ea2-b1c3-9e1d96dcebb8.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WDFX-TV
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.franklymedia.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOW1heTi0t7bhhUheIhrpUw&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTSTW6X7d1S7Aj-fJ.ewAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO2xGkdXoRJ3R30oDz_Gjqo&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1

Request Chain 128

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTSTW6X7d1S7Aj-fJ.ewAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIwLhQ2hViLAR7jny_yP9II&google_cver=1

Request Chain 130

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

Request Chain 150

https://pixel.adsafeprotected.com/rfw/st/1193850/66084803/skeleton.js?bidurl=https://www.wdfxfox34.com/&adsafe_url=https%3A%2F%2Fwww.wdfxfox34.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.wdfxfox34.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6979b58d-6ac2-637f-76c8-5e014fd9271f,c:s6VoXz,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-rvxz5,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:218,mot:0,app:0,maw:0,fm:tlky1FT+11%7C12*.1193850-66084803%7C121%7C1221%7C123%7C131%7C132%7C14,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:237,oid:19d28b8e-54d1-11ed-b513-ca62637d255d,v:19.8.358,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTSTW6X7d1S7Aj-fJ.ewAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1&google_hm=2

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGFrUHYg5HJ4eeFPQvZjOrg&google_cver=1

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJx1m781rzZ0_utoOT67B10&google_cver=1

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPlEi4DAxPOJJZzjRQ7DuXA&google_cver=1

Request Chain 218

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKKh6l8QxGgunvSeezx2CsQ&google_cver=1&google_push=AZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKKh6l8QxGgunvSeezx2CsQ&google_cver=1&google_push=AZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 219

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOtCMovo_GPwtOxyowVwTno&google_cver=1&google_push=AZmPxg8vjmWwgo58glZ_lhzr6ZZ8IW7m581GrIyr6mU_XYxGrI32W-Bv_kFKtjEVLrvNKgPsVx3ogjdEkijj0S7edMrJUDLOMECn HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_ZwOawegQnqxGB8UYNmjsQ2&google_push=AZmPxg8vjmWwgo58glZ_lhzr6ZZ8IW7m581GrIyr6mU_XYxGrI32W-Bv_kFKtjEVLrvNKgPsVx3ogjdEkijj0S7edMrJUDLOMECn

Request Chain 220

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHg1aeZa_j7qZYbV2-aCCpA&google_cver=1&google_push=AZmPxg8hfRwQlf6JDwhR-mo41CH4hley30cVw82iEHaXdPJMx4fxN6qcJRgnNPsj0sn3YTewb6BYy-JCSGkZUd_OVy9IWL6ycZs7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPWkgyUVUtNi1FRE4=&google_push=AZmPxg8hfRwQlf6JDwhR-mo41CH4hley30cVw82iEHaXdPJMx4fxN6qcJRgnNPsj0sn3YTewb6BYy-JCSGkZUd_OVy9IWL6ycZs7

Request Chain 221

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEh0tGuErCoHw5CRyBoBsqM&google_cver=1&google_push=AZmPxg-sNXEtfVfjobIuPHIo8WtjDuHrHTQ3O50S9v0s4HFrnXI8q8gF5ZBO47vFQjeje3hjd6g11kbO9dStGIuVMe1vbT9AU9ND HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEh0tGuErCoHw5CRyBoBsqM&google_hm=Y1iTSTW6X7d1S7Aj_fJ-ewAADTUAAAAB&google_nid=index&google_push=AZmPxg-sNXEtfVfjobIuPHIo8WtjDuHrHTQ3O50S9v0s4HFrnXI8q8gF5ZBO47vFQjeje3hjd6g11kbO9dStGIuVMe1vbT9AU9ND

Request Chain 222

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDxwEkl5FciQnBUZSpEQ9Gc&google_cver=1&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbVJ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbVJ&google_gid=CAESEDxwEkl5FciQnBUZSpEQ9Gc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODc1NzE3MzkwODA0MTM5NDE4OA%3D%3D&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbVJ

Request Chain 224

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMZntW2Rmsw0j0vBaX-wx_4&google_cver=1&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70FYZM2-UrTJ6knSEuHW5ouWMkmdRkg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMZntW2Rmsw0j0vBaX-wx_4&google_cver=1&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70FYZM2-UrTJ6knSEuHW5ouWMkmdRkg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10TjJJZjV0RTJ1R2FtYTQ2aDFCaUowNVF4MDRxZ3h2WH5B&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70FYZM2-UrTJ6knSEuHW5ouWMkmdRkg

261 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wdfxfox34.com/ 1 MB
131 KB 62ms
40ms Document
text/html 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a22ca104d15f7192ab6db868568a7564c13fde3107393ddb51f2ea4a78c6bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 160
cache-control: public, max-age=120
cf-cache-status: HIT
cf-ray: 75ff901d9c389a2d-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 01:54:15 GMT
expires: Wed, 26 Oct 2022 01:56:15 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-response-time: 146ms
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 42ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 20676083
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff901e3f7f9b8e-FRA
cdn-requestpullsuccess: True

GET
H2 200 app-880153a8c78c9ac87b50.css
ngw-static.franklyinc.com/assets/10763/ 306 KB
49 KB 73ms
22ms Stylesheet
text/css 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: ZN09E47KWFHS7CAE
age: 2419
etag: W/"e58a5be0290fe66e326bf427d75c83fe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff901e5aa890dc-FRA
x-amz-id-2: BBd16ZTPKDlr9CtGynWw6kT3bcTFyXqMMuGylaaXNEVjMN5U93KV8CZfV42i05rVeH/uCuGiuq4=
expires: Thu, 26 Oct 2023 01:54:15 GMT

GET
H2 200 custom-global-breaking-template.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 6 KB
2 KB 70ms
20ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 13:40:44 GMT
server: cloudflare
x-amz-request-id: 4PRKD2KRDC45M7R2
age: 10
etag: W/"4b357b45b8d5b6f57aefc58b78723684"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff901e5ea69c04-FRA
x-amz-id-2: XUxX7mfJIzaym+hW1DIFoiBqQ3n7kWIDW6t7YSN68jbrfYWyVpcTKACPoX2snBUwUkmvfEJD+lk=
expires: Wed, 26 Oct 2022 01:59:15 GMT

GET
H2 200 logo.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 3 KB
1 KB 178ms
127ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 19:27:28 GMT
server: cloudflare
x-amz-request-id: 6CG8YAW8Z3RGTRPH
etag: W/"498e7c8c50bbb38d5b281f7ad6edd08c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff901e5ea89c04-FRA
x-amz-id-2: ne+NamAKtiWfPNjsf0ocBPAhr0crVTmvlJ/yA8d4qa1JWj7hUglTr0SrxCUf1v3gy85KNZxpOHY=
expires: Wed, 26 Oct 2022 01:59:15 GMT

GET
H2 403 Derrick.css
ftpcontent6.worldnow.com/wrde/ 0
0 62ms
14ms Stylesheet
text/html 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 wrde_ngw.css
ftpcontent.worldnow.com/professionalservices/clients/wrde/ 5 KB
2 KB 183ms
133ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jul 2020 14:00:46 GMT
server: cloudflare
x-amz-request-id: 20GX1W25DSAXWHVW
etag: W/"8d5d25c637f71dec04c5a416682b6a1a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff901e5eaa9c04-FRA
x-amz-id-2: TMe3azvAi0miq/k9lWxz3bydyMFHsmlQQNz3HOXpMVUAwMUE6pfy3n4yoY3fPCA/QA/MUj0qdTg=
expires: Wed, 26 Oct 2022 01:59:15 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 59ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1666749255.dop237.fr8.t,1666749255.cds272.fr8.hn,1666749255.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 42ms
16ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 20684332
cdn-cachedat: 11/05/2021 16:36:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bfa40aed2fbee600eecd4f43bc8c0656
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff901e3f809b8e-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 13 KB
5 KB 31ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 5377904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4430
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-349a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff90212c8c692e-FRA
expires: Mon, 16 Oct 2023 01:54:15 GMT

GET
H2 200 WNVideo.js Show response
wdfx.images.worldnow.com/interface/js/ 2 KB
1 KB 486ms
423ms Script
application/javascript 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb22a1425e3813bc31425e0c35233761a4e4609ce50812465f9c648d6f3479f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jan 2020 11:53:35 GMT
server: cloudflare
x-amz-request-id: P5ACE7PXEP2VQH6Y
etag: W/"ad5fa8e94463d51b6adbef55fecaa3b6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff901e6b07908b-FRA
x-amz-id-2: Vb3tENvEZ8kB4MfutLasqYDQbq6xrKKB9cEJUlYyGj4J0g/az+WSc7RHXaPfnKMESpMK5+gbmsQ=
expires: Wed, 26 Oct 2022 05:54:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 59ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6YXLQLNYFR

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b69611a3f6276ad52ac009df849345ad392be2345b4a4a2838d77ce8a878607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 01:54:15 GMT

GET
H2 200 19303465_G.png
wdfx.images.worldnow.com/images/ 302 B
740 B 135ms
134ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19303465_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 302
cf-resized: internal=ok/h q=0 n=8 c=0+1 v=2022.10.4 l=302
last-modified: Wed, 01 Apr 2020 19:25:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfp7hMN4aiiSKLZeB-69yJiw:914cc4da7fcd377c33ea25b5d22256d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90222d08908b-FRA

GET
H2 200 19303466_G.png
wdfx.images.worldnow.com/images/ 440 B
627 B 122ms
121ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19303466_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dda2cb47317201eb228289f1316b7aa3803e8441a2a1d1d0374e4d52ebe642

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 440
cf-resized: internal=ok/h q=0 n=69 c=1 v=2022.8.4 l=440
last-modified: Wed, 01 Apr 2020 19:25:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfw2P9D8zcXmaRwGgcm81xQg:6b506c56c835fb7d44338ddb2db1e652"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9022fd7b908b-FRA

GET
H2 200 19303471_G.png
wdfx.images.worldnow.com/images/ 6 KB
6 KB 124ms
124ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19303471_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5742
cf-resized: internal=ok/h q=0 n=22 c=0+14 v=2022.10.4 l=5742
last-modified: Wed, 01 Apr 2020 19:26:40 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfaiuYFiHrhkB34bDCHYYu_w:ede722c2a1893f8f3917828a7cbcd94a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9023cded908b-FRA

GET
H2 200 email-decode.min.js Show response
www.wdfxfox34.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
824 B 10ms
9ms Script
application/javascript 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75ff901f6e259a2d-FRA
expires: Fri, 28 Oct 2022 01:54:15 GMT

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 80ms
9ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:54:16 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 524594
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/4CB9)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 89709640-201e-0011-2b18-e462b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 20038183_G.png
wdfx.images.worldnow.com/images/ 163 KB
163 KB 159ms
159ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/20038183_G.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71503843ed1c9eb5a6c2cfb90eec64b87ac04228e9c064870f50135c0e3af3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 166497
cf-resized: internal=ok/h q=0 n=39 c=27 v=2022.7.2 l=166497
last-modified: Thu, 05 Nov 2020 15:50:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfTp1bMqtzkV7HACkE_nRmKA:39055eba2436f8ac8bf3925c708733d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "Format 'auto' ignored"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9024ee8f908b-FRA

GET
H2 200 app-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 4 MB
1 MB 24ms
24ms Script
application/javascript 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: ZN0AH9V148ARM60W
age: 2459
etag: W/"44626e575a5558bfc9f91d067b4272e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff901f7b7e90dc-FRA
x-amz-id-2: 5mutprJ2apWxIYPMsIGthMOYzmU1UdRFI3uP4JARhrx6Vb3bDD4msNvwtY00wWhgTCKVFjCh2l4=
expires: Thu, 26 Oct 2023 01:54:15 GMT

GET
H2 200 ccpa.js Show response
ftpcontent.worldnow.com/professionalservices/globalcss/ 1 KB
734 B 17ms
17ms Script
application/javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 18:52:15 GMT
server: cloudflare
x-amz-request-id: 2XMHPSMXS0PP7X9N
age: 10
etag: W/"0ee412381eea4aba59e8a80ef1b33cb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75ff9020895a9c04-FRA
x-amz-id-2: /cI1fFpx/yFAwa7eZo2eFqdFyTHRopv7GgL5MScxNaol4/DwftTB5KSwyK0anr262GLNv7jVicY=
expires: Wed, 26 Oct 2022 01:59:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ftpcontent.worldnow.com
URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ftpcontent.worldnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:15:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:54:15 GMT

GET
H2 200 off-platform.min.css
content.worldnow.com/global/css/_pub/ 89 KB
27 KB 75ms
37ms Stylesheet
text/css 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM02
server: cloudflare
age: 46043
etag: "0297a4baad2d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff902158b55b44-FRA
content-length: 27881
expires: Wed, 26 Oct 2022 05:54:15 GMT

GET
H2 200 wdfx.config.js Show response
content.worldnow.com/global/js/_pub/ 12 KB
4 KB 606ms
568ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/wdfx.config.js?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 16:12:54 GMT
wn: IISCOM01
server: cloudflare
age: 46087
etag: W/"0c7fc894caad71:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff902158b65b44-FRA
expires: Wed, 26 Oct 2022 05:54:16 GMT

GET
H2 200 wnaffiliateconfig.js Show response
wdfx.images.worldnow.com/interface/js/ 40 KB
7 KB 145ms
145ms Script
application/x-javascript 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wdfx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6515fe299b835ae987c38bb0f26fc4ba8bd38d9d444c6a6aeb5fc4ee534277

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 14:33:09 GMT
server: cloudflare
x-amz-request-id: RJQYFSGN31BWNCVY
etag: W/"82afd4edf0f75a64b1c430daf55c6bb6"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff90211c81908b-FRA
x-amz-id-2: CCg6wi62sMUrQg0uHWwVfsQfiw3W7UrxtK4bQt8m72jD2mt0CDmpdgLpactaSSV7UESNxa0z3nQ=
expires: Wed, 26 Oct 2022 05:54:15 GMT

GET
H2 200 off-platform.min.js Show response
content.worldnow.com/global/js/_pub/ 2 MB
474 KB 89ms
52ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Requested by: Host: wdfx.images.worldnow.com
URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:54:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM01
server: cloudflare
age: 45978
etag: W/"0297a4baad2d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff902158b75b44-FRA
expires: Wed, 26 Oct 2022 05:54:15 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e089e65d86d82baee98dcfa88d998b57218e538b1e6e2af3ac7336e5a8872712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53808
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 01:54:16 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10763/ 75 KB
76 KB 39ms
19ms Font
font/woff2 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/2iO5YNY.woff2
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
cf-cache-status: HIT
x-amz-request-id: 0GFCR48WFNCNDY1G
age: 2784
content-length: 77160
x-amz-id-2: fWkOT92sAgw1219hIW7F1WwntLZBIc3DT7MISws/xUdTDTulJ3t/rqNWnvlYOd0MI0n3YkO7E3k=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff902559bd5b5c-FRA
expires: Thu, 26 Oct 2023 01:54:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 119364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 17418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 43ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6YXLQLNYFR&gtm=2oeao0&_p=1941866568&cid=1873124982.1666749257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666749256&sct=1&seg=0&dl=https%3A%2F%2Fwww.wdfxfox34.com%2F&dt=WDFX%20-%20Fox34&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6YXLQLNYFR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3A8MZF4.png
ngw-static.franklyinc.com/assets/10763/ 145 B
338 B 18ms
17ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3A8MZF4.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
cf-cache-status: HIT
x-amz-request-id: 8XZ5YTHRWXKNDSE2
age: 1323
content-length: 145
x-amz-id-2: 76fZ+/j8Agn6OrH87i8JpEb9oinv4f+5qr4frKr7Hk4qZnJUscdNuhi76OuAk47bN9z/4Mc1ff8=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "3a5fb08143e931aded1e59fa39c3d8ca"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff90256f7390dc-FRA
expires: Thu, 26 Oct 2023 01:54:16 GMT

GET
H2 200 3sX1XaI.png
ngw-static.franklyinc.com/assets/10763/ 302 B
534 B 17ms
16ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3sX1XaI.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
cf-cache-status: HIT
x-amz-request-id: R4JDPCZXWVXDBH2J
age: 1323
content-length: 302
x-amz-id-2: fNVydcV3/QiFaSlRIOFLbeuH5UJk70jw/0hixrIXrwv7wj1h2GJd//44h/KA/TCcKlXlBcqD5gU=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "21eed4c20a1e748a1637cf53696520c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff90256f7490dc-FRA
expires: Thu, 26 Oct 2023 01:54:16 GMT

GET
H2 200 4-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 145 B
318 B 17ms
17ms Script
application/javascript 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/4-a708c222c663fd6ca8a3.js
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 50QH734K8WNYMG2S
age: 3511
etag: W/"c0729cee8a75fb948963d73ab873a79b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff90262ffb90dc-FRA
x-amz-id-2: 594sZ4csYZJPlSdspYN5J1jTUuLMsSqP4U4OSxLnkzYqy7Yxxc8wxRRlR4+RqZ2/tUk+FuFoFTY=
expires: Thu, 26 Oct 2023 01:54:16 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c6dce761e72309f05b20d64d404ca9798d126f01de528969d0b37f546bcd319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
server: sffe
etag: "1374 / 544 of 1000 / last-modified: 1666747876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 01:54:16 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 17 KB
7 KB 661ms
160ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9922&callback=jsonp1666750030901
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 268a44119513412fefb97a4886eb86bf19ae6f400d4bd9bf46dba25c439dd2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 01:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3138
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 03:01:58 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[0],/ 1 KB
881 B 130ms
129ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b2803d3980b56c1a1868f7f1374850f2b6a2f9c514c6eed8dbc8b4b0200111c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 777
x-xss-protection: 1; mode=block
x-response-time: 167ms
server: cloudflare
etag: W/"5a8-S6KcVAFZ3h6X5iV86QivH+qSexQ"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff9027cde59a2d-FRA
expires: Wed, 26 Oct 2022 01:57:17 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[1],/ 1 KB
964 B 126ms
126ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[1],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b467191c78e7168dc4d9a184f2b017c326ea508f423dfa5911fa3077c7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 773
x-xss-protection: 1; mode=block
x-response-time: 274ms
server: cloudflare
etag: W/"5a6-/pD4990Da7DLeluEPcC4LcVoBQM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff9027cde79a2d-FRA
expires: Wed, 26 Oct 2022 01:57:17 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/routes[1].body[1].cols[1].components[0],/ 55 KB
6 KB 143ms
143ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/routes[1].body[1].cols[1].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9853e152259c3c56409fe66cf5be56a8c79e3275bb14ffffe05141e3fe764fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 6246
x-xss-protection: 1; mode=block
x-response-time: 456ms
server: cloudflare
etag: W/"dd98-eIdjyKUx669B2mNlbDAhg8GHuGw"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff90280e0e9a2d-FRA
expires: Wed, 26 Oct 2022 01:57:17 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/ 846 B
563 B 129ms
128ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcbcfeff401d0a746096a2276157f59c8a8f18283b54a48b36ba8e1652119f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 1006ms
server: cloudflare
etag: W/"34e-H9AP9uICwqt5G2ZRhzCLAQkVc2U"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff90281e249a2d-FRA
expires: Wed, 26 Oct 2022 01:57:17 GMT

GET
H2 200 videojs.ima.1.5.1-3.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 85 KB
17 KB 171ms
171ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: 3BQKNHY0FZPGEWC5
etag: W/"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff90284a579c04-FRA
x-amz-id-2: 2xmw7PNaPH+9A0Twms3LWFkTq24yfvp5jaw9Y8Pv7N4fwJWUY8hP8fQA2jpZsyudPOhjZkmw9QU=
expires: Wed, 26 Oct 2022 01:59:17 GMT

GET
H2 200 19300323_G.jpg
wdfx.images.worldnow.com/images/ 9 KB
10 KB 128ms
126ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19300323_G.jpg?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bc96bdb42eea0c082bdd8871ba75cc9ce6f0c26c866ad5ff87e6de7f73b9a33

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9557
cf-resized: internal=ok/h q=0 n=14 c=2+25 v=2022.10.4 l=9557
last-modified: Tue, 31 Mar 2020 17:34:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfTcyAn293TiniA6BJxYglFQ:884ebd6db98184bc59eccf43f0d28cb4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90285862908b-FRA

GET
H2 200 19476095_G.png
wdfx.images.worldnow.com/images/ 547 KB
548 KB 128ms
126ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476095_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ca934dc5cc18f06d110f6f7a82671a6a4c4654cddb6d12e6d3b6c8aeb4b244

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 560549
cf-resized: internal=ok/h q=0 n=21 c=191 v=2022.8.1 l=560549
last-modified: Mon, 08 Jun 2020 15:04:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfNL-jGBIuYF9CbJKI0pFQ9g:f9eff51d0deb5b205d0daccb71009286"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90285864908b-FRA

GET
H2 200 23544118_G.jpg
stacker.images.worldnow.com/images/ 5 KB
5 KB 54ms
30ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23544118_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666638602000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 4757
cf-resized: internal=ok/h q=0 n=13 c=3+14 v=2022.10.4 l=4757
last-modified: Mon, 24 Oct 2022 23:10:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0cukACYdowFpMf7eFJKr2w:cbdc4aa9bf6c123a6f765b53e3b21bf4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90287881908b-FRA

GET
H2 200 23535717_G.png
stacker.images.worldnow.com/images/ 16 KB
16 KB 53ms
30ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23535717_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666366693000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16557
cf-resized: internal=ok/h q=0 n=70 c=36+48 v=2022.10.4 l=16557
last-modified: Fri, 21 Oct 2022 19:38:14 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfSrOfD8OJYofZplFf9qNJog:93fa08b38e1552714c8aceab6fb55489"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90287882908b-FRA

GET
H2 200 23544648_G.png
cntsyncont.images.worldnow.com/images/ 17 KB
17 KB 53ms
31ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23544648_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666665299000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17435
cf-resized: internal=ok/h q=0 n=9 c=6+23 v=2022.10.4 l=17435
last-modified: Tue, 25 Oct 2022 06:35:01 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfmlSA0QMXQQ-5qNtfkg2BPw:c6d3858b98ebb0ee4ac9425ba2679d78"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9028787e908b-FRA

GET
H2 200 23542395_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
7 KB 52ms
31ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23542395_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666607710000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6643
cf-resized: internal=ok/h q=0 n=14 c=8+33 v=2022.10.4 l=6643
last-modified: Mon, 24 Oct 2022 14:35:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfEknHVv2yFvHvZ81xMXuaHg:81c46f16217054073f3a98e771975693"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9028787b908b-FRA

GET
H2 200 23536586_G.jpg
cntsyncont.images.worldnow.com/images/ 5 KB
5 KB 50ms
29ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536586_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398869000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5303
cf-resized: internal=ok/h q=0 n=7 c=5+9 v=2022.10.4 l=5303
last-modified: Sat, 22 Oct 2022 04:34:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2LFFhWyHgJ5snIxwnE3UbA:7ac48e8abecaa038cf18299156ee229f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9028787d908b-FRA

GET
H2 200 23523184_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 54ms
33ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523184_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222385000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5835
cf-resized: internal=ok/h q=0 n=7 c=9+17 v=2022.10.4 l=5835
last-modified: Thu, 20 Oct 2022 03:33:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ9BPHPHgNrAsWnWX4LWOng:b2c2c149e547d11af91a460af1bf2d50"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9028787c908b-FRA

GET
H2 200 19313812_G.jpg
wdfx.images.worldnow.com/images/ 14 KB
15 KB 136ms
135ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19313812_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc14d01a44646f6ba79e34ed0359b38d4a584055261f6327b052859b17927e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 14680
cf-resized: internal=ok/h q=0 n=10 c=24 v=2022.9.4 l=14680
last-modified: Mon, 06 Apr 2020 17:48:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfvnPtSXI6v5LbOr-SS83Eag:4e533162d09d557a69071f9f7722475c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90285865908b-FRA

GET
H2 200 19313808_G.jpg
wdfx.images.worldnow.com/images/ 10 KB
10 KB 133ms
132ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19313808_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10183
cf-resized: internal=ok/h q=0 n=42 c=0+24 v=2022.10.4 l=10183
last-modified: Mon, 06 Apr 2020 17:47:16 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrDd2ro2RhurCnyR-_XbD1w:e9d429ee90f3d05de4962461e425af56"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90285866908b-FRA

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 17 KB
7 KB 412ms
165ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9922&callback=jsonp1666749395713
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b861a73e5aa9c41b193d31ef1cea99461da1b289910b8abb99948af34288f461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 62ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 21:04:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
718 B 70ms
19ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wdfxfox34.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1b08ea0691a25a239e5db2b23367126dda0520d177e3209616e540fc01f5b10b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:17 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 22ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 02:12:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 82ms
21ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82494642-222&cid=1873124982.1666749257&jid=1735018982&gjid=1870788988&_gid=843262309.1666749257&_u=aChAgUAjAAAAAEACM~&z=1915560693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 01:54:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1941866568&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wdfxfox34.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WDFX%2034%20-%20WDFX%20-%20Fox34&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAAAAAACM~&jid=1735018982&gjid=1870788988&cid=1873124982.1666749257&tid=UA-82494642-222&_gid=843262309.1666749257&gtm=2wgao0WV2QLD&cg1=Homepage&cg2=null&cg3=null&cg4=wdfx&cd1=Lockwood%20Broadcast%20Group&cd2=GTM-WV2QLD&cd3=59&cd4=&cd5=&cd7=1666749256723&cd8=1666749256723.smhesuim&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&cd11=1419&cd12=wdfx&cd13=173&cd22=Homepage&cd32=ResponsiveWeb&z=2076283253

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:13:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38454
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 846 B
523 B 134ms
134ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36301

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcbcfeff401d0a746096a2276157f59c8a8f18283b54a48b36ba8e1652119f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 274ms
server: cloudflare
etag: W/"34e-H9AP9uICwqt5G2ZRhzCLAQkVc2U"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff9028ff0c9a2d-FRA
expires: Wed, 26 Oct 2022 01:57:17 GMT

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 852 B
568 B 142ms
141ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36319

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53d8b97447ba56135a6ca68959368a71468306d941c6c9a0b828b1f85cea44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 465
x-xss-protection: 1; mode=block
x-response-time: 715ms
server: cloudflare
etag: W/"354-P6703dtckq88EJrCwSdq2PO9SGw"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff9028ff0e9a2d-FRA
expires: Wed, 26 Oct 2022 01:57:17 GMT

GET
H2 200 26_cloudy_day_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
2 KB 117ms
115ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/26_cloudy_day_night.png
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5986fbf89a06e3788ae62c05a8fbe38cac3034377a9602bdab3c651c7a19eb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 16:09:54 GMT
server: cloudflare
x-amz-request-id: PQWHJGRRZ992DXTM
etag: "febd94620a53d84f3d864c9cf5526544"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff90291a0f90dc-FRA
content-length: 1983
x-amz-id-2: GnnGJZzFJBnCMbRMipFPrM2m83LADJcOb3DB/UrfEntGbBoeldRtLwrF29pMleBfhL6a5FbXKjE=
expires: Wed, 26 Oct 2022 05:54:17 GMT

GET
H2 200 1HxTVSN.png
ngw-static.franklyinc.com/assets/10763/ 262 B
453 B 22ms
20ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/1HxTVSN.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3C42FJ7B67KJ6S
age: 1315
content-length: 262
x-amz-id-2: RAu3cGvazSuqPlERVlGJsvxzzGQXHsGCEyRrSn0nvvqjle0mhNzILekE+LFodM2ETRLVdptTkkw=
last-modified: Tue, 05 Apr 2022 19:24:06 GMT
server: cloudflare
etag: "b3275baf43d3a9e28ba8e1856b5b342e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff90291a1190dc-FRA
expires: Thu, 26 Oct 2023 01:54:17 GMT

GET
H2 200 qX7G0Ix.png
ngw-static.franklyinc.com/assets/10763/ 267 B
488 B 19ms
17ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/qX7G0Ix.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3F5YE4ZMKDFYJX
age: 1315
content-length: 267
x-amz-id-2: EizK6kXcnV0q4QzB8LAh2R/VU+zlvtWe2LMX3A/bnJ3jwHMopQJFz6g42NqrGGwDD8zA8VNSpiY=
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
etag: "7c93283255679646ceb48b0a09e528ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff90291a1290dc-FRA
expires: Thu, 26 Oct 2023 01:54:17 GMT

GET
H2 200 ENmisP2.png
ngw-static.franklyinc.com/assets/10763/ 262 B
430 B 20ms
19ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/ENmisP2.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
cf-cache-status: HIT
x-amz-request-id: 6BV8WJ991H96G6SW
age: 1315
content-length: 262
x-amz-id-2: EBvmYWtNVJCP+964cdFEFK6cjWfab2wPlceuhSgCrIn8QSy4gD8Uz3fGP3VkB7BtPt4ygL8c7Fo=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "2181a1a027aad6f2c0a77442ffe37662"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff90291a1390dc-FRA
expires: Thu, 26 Oct 2023 01:54:17 GMT

GET
H2 200 2LRxrU9.png
ngw-static.franklyinc.com/assets/10763/ 267 B
459 B 21ms
20ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/2LRxrU9.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
cf-cache-status: HIT
x-amz-request-id: YFGYRDPJ8ZZ5CWH5
age: 1315
content-length: 267
x-amz-id-2: N822lvVeWfP5ByD+BZvmDjh0/m1lXWTB00WZxUqXqxPZ0zB2NqgRXQtZVUxjvauQ5C9wM9ldge8=
last-modified: Tue, 05 Apr 2022 19:24:07 GMT
server: cloudflare
etag: "3539134c74c2fa207b851387b14bf8db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff90292a1590dc-FRA
expires: Thu, 26 Oct 2023 01:54:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 44ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 753 B
431 B 750ms
734ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844615067968735&correlator=335916524285042&eid=31070233%2C44777188%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cnat-desktop%2Cwdfx%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=187213358&didk=3836414952&sfv=1-0-38&prev_scp=wnsz%3D124&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749257174&lmt=1666749257&dlt=1666749255337&idt=1786&adxs=1382&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=1873124982.1666749257&ga_sid=1666749257&ga_hid=1941866568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f895dfafbf53b8f5fa1b290299e57eb233447ccf2d6cdbcaac6049d54190de86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 401
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 460ms
444ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844615067968735&correlator=335916524285042&eid=31070233%2C44777188%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=4175600188&didk=1046141121&sfv=1-0-38&prev_scp=wnsz%3D41&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749257180&lmt=1666749257&dlt=1666749255337&idt=1786&adxs=84&adys=175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=1432x0&msz=1432x0&fws=0&ohw=0&ga_vid=1873124982.1666749257&ga_sid=1666749257&ga_hid=1941866568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e6c14c611110d9ca3c61001034dbfb5fea2d805a618adc5ac173644f5bc1b681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8221
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
35 KB 1015ms
999ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844615067968735&correlator=335916524285042&eid=31070233%2C44777188%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&adks=2107240&didk=3836267697&sfv=1-0-38&prev_scp=wnsz%3D246&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749257183&lmt=1666749257&dlt=1666749255337&idt=1786&adxs=84&adys=876&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=1072x20&msz=1072x0&fws=0&ohw=0&ga_vid=1873124982.1666749257&ga_sid=1666749257&ga_hid=1941866568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

6ca630acc442021067fcf0082bb1ab622587577f0f4b33257f45c925b1efcda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 275ms
259ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844615067968735&correlator=335916524285042&eid=31070233%2C44777188%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=3589786638&didk=1046141127&sfv=1-0-38&prev_scp=wnsz%3D43&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749257186&lmt=1666749257&dlt=1666749255337&idt=1786&adxs=1164&adys=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=1873124982.1666749257&ga_sid=1666749257&ga_hid=1941866568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

6108e672fd64937f1093d2c8c3d65106ed2ff8d4f8d2dd6ab2ddf215d615f316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10953
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 622ms
607ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844615067968735&correlator=335916524285042&eid=31070233%2C44777188%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cloc-desktop%2Cwdfx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=5&adks=1261434510&didk=3836416602&sfv=1-0-38&prev_scp=wnsz%3D346&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749257188&lmt=1666749257&dlt=1666749255337&idt=1786&adxs=84&adys=2176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=1072x0&msz=1072x0&fws=0&ohw=0&ga_vid=1873124982.1666749257&ga_sid=1666749257&ga_hid=1941866568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f0ab8d38393cfe438c6a278745e276e96b3eef3a288db972feb95530b24290a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13454
x-xss-protection: 0
google-lineitem-id: 6084843041
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400723577
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E8B 6 KB
4 KB 96ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Thu, 26 Oct 2023 01:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 can-autoplay.3.0.0-1.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 8 KB
2 KB 135ms
135ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: FB0H2PH7309S8JR4
etag: W/"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff90298bbf9c04-FRA
x-amz-id-2: B8RpHVnMYWc8iqHCtbEqkYpYcZgBkDfPyfG7UH+4UlUKEVmkU8dk/w2Je5vGn3tsBXtmflG6ZWE=
expires: Wed, 26 Oct 2022 01:59:17 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 174ms
8ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 200 19739256_G.jpg
wdfx.images.worldnow.com/images/ 6 KB
6 KB 142ms
139ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19739256_G.jpg?auto=webp&disable=upscale&width=180

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94ddde4f3df41ef02b08a889bb56fd90ad9470435159cc27f1bb9a1adf1017c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6285
cf-resized: internal=ok/h q=0 n=15 c=1+16 v=2022.10.4 l=6285
last-modified: Mon, 20 Jul 2020 13:50:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfH-eHryLCArNM31lKswJakw:51a3d245ae6d82ebe13e6ac028cab53a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89c6908b-FRA

GET
H2 200 23538527_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 32ms
30ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538527_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492378000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7925
cf-resized: internal=ok/r q=0 n=49 c=4+16 v=2022.10.4 l=7925
last-modified: Sun, 23 Oct 2022 06:32:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ_UGDutcYHj9sD2OctrBFQ:3735f9c74f0aa70c7cc6eecd73299060"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89c7908b-FRA

GET
H2 200 23536579_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 34ms
32ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536579_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398803000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8261
cf-resized: internal=ok/h q=0 n=7 c=17+16 v=2022.10.4 l=8261
last-modified: Sat, 22 Oct 2022 04:33:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1ABno7LG6Qr_JeP26kPOFw:7a1752c7bd1d57fe09ae93db6b958529"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89c8908b-FRA

GET
H2 200 23522285_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 31ms
29ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522285_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666195627000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16690
cf-resized: internal=ok/h q=0 n=27 c=7+42 v=2022.10.4 l=16690
last-modified: Wed, 19 Oct 2022 20:07:09 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfqnnKfSXPbaZ3ZNp7zJULGA:10c7a9722e59986b3c276aaf52070a55"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89c9908b-FRA

GET
H2 200 23538528_G.jpg
cntsyncont.images.worldnow.com/images/ 2 KB
3 KB 35ms
33ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538528_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492479000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2422
cf-resized: internal=ok/h q=0 n=4 c=3+8 v=2022.10.4 l=2422
last-modified: Sun, 23 Oct 2022 06:34:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfhuu5o20oBRXMGmz2WAkL-Q:0f70a64a63b9f9177817f1ac952ae41e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89ca908b-FRA

GET
H2 200 23536594_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 134ms
132ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536594_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398935000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c659dfc9a1b814dc3c5c6c4e7781dec352352f0975800f90c552b7bfbe27af

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6103
cf-resized: internal=ok/r q=0 n=30 c=8+18 v=2022.10.4 l=6103
last-modified: Sat, 22 Oct 2022 04:35:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfiB-GuHXL9CXS0USVHkd9YQ:77515ca2f29148e5da523ea11b21a182"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89cc908b-FRA

GET
H2 200 23532046_G.jpg
cntsyncont.images.worldnow.com/images/ 3 KB
3 KB 137ms
135ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23532046_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666316082000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3048149bb0d5ab4b5d709224e0216b715c7d0317a403a673408a915fde997477

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2660
cf-resized: internal=ok/m q=0 n=61 c=6+17 v=2022.10.4 l=2660
last-modified: Fri, 21 Oct 2022 05:34:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfGx_SC8zhNGR35smOV1LJIA:4644518b4a1da2f4d77a0d12837cb6cf"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89cd908b-FRA

GET
H2 200 23523191_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 136ms
135ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523191_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222445000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca6d74cad633ecfab918aeba895c4ec22de204c136ddc7d9779d1a57ccd3b8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5907
cf-resized: internal=ok/r q=0 n=39 c=1+12 v=2022.10.4 l=5907
last-modified: Thu, 20 Oct 2022 03:34:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfBW8wOlwF1T2WIOweUHM6iQ:e08da9c6d30955ea6f2bd9ce63d7ecb6"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902a89ce908b-FRA

GET
H2 200 23499493_G.jpg
cntsyncont.images.worldnow.com/images/ 9 KB
10 KB 29ms
29ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23499493_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665797531000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9362
cf-resized: internal=ok/h q=1 n=12 c=8+14 v=2022.10.4 l=9362
last-modified: Sat, 15 Oct 2022 05:32:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfprW84uaruG_N6C6EyJ11_A:cdaf8cf9639796b81112c0342c38b503"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902ab9e4908b-FRA

GET
H2 200 23498073_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 28ms
27ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23498073_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665747135000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7340
cf-resized: internal=ok/h q=0 n=32 c=17+22 v=2022.10.4 l=7340
last-modified: Fri, 14 Oct 2022 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSoNXPw48_6-id_E4wAAVAg:1e1f8085f5e6f7827db91f1eaa0453f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902ab9e8908b-FRA

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
938 B 26ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 544398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff902b09249bec-FRA
expires: Mon, 16 Oct 2023 01:54:17 GMT

GET
H3 200 container.html Show response
eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A830 6 KB
3 KB 34ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Thu, 26 Oct 2023 01:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 23485935_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 27ms
26ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23485935_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665624698000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8024
cf-resized: internal=ok/r q=0 n=17 c=19+22 v=2022.10.3 l=8024
last-modified: Thu, 13 Oct 2022 05:31:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkJbhmwlGYa8rFfywoAQS3A:d4a1bf597d0d1fc965c42753151f335c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902b7a4d908b-FRA

GET
H2 200 23477333_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 27ms
27ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477333_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509457000

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6885
cf-resized: internal=ok/h q=0 n=31 c=9+13 v=2022.10.3 l=6885
last-modified: Tue, 11 Oct 2022 21:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfsBOyQENXpj7YsNb7nr2T6Q:055cf492e00f3b5a5ef8e21cee83618d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff902b7a4e908b-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EBFE 624 B
974 B 56ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPoBEMaM84AEGO2bptQBMAE&v=APEucNXu_J7iyTLgcXyGbLcH4K3ncG19o4GM7CovGf1CU6MMr9XGpNuhBhCIsrRe0F7ovVyxYKW8HOqSmiO1PCtyObuhOXVPkYvy6eKF4wy_p_-QdtPFQPauJ3tkSi_wUWLAmQaD6lUpzfx--ICurDxStGGoRhH2-vSmda22C-HDS_kgyY3uODQ

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Wed, 26 Oct 2022 01:54:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A830 15 KB
11 KB 79ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbeTw-fEZonJGGD9A6UjlepgBlBDuCYLxdLJxNhjHFI3CriqoC77gukKgFH04zKsk4_mEt98BMtpdsLZsR8_yLzCgAFQK4-vdhMs-2Wq7-sm0leTBxNxhpmTCn2xjBQktWevqsCB_Er3aQdqioRdEh2J8Wuy0_sDcAh0ooGBetF1ZMzuo&cry=1&dbm_d=AKAmf-CiE2lX3pu2pzR-pw1HKGcoaCuu9d0d_ckdokKLPmgWcn-HNA-mjXFkPVPmjeqEUwKyhW1e_JUGsqjEfVEI1cZ5dE_rbGDmY79LtYAmEEIYeP1Sj11KXsX-XvTip7d44dEUgkcZ7WzJ4V2gWISNE5xM5hv4P1Tu1CeoO_VskqayyF0U_cLJxKQlma_c36w6VjtsJrbzTD1of52YuhjmOculfuccNVHr_GFrz6jFrWQr9TWpv9QNg_yKo4408RD4muY-sMm1_KaPqdZ4HM0SFHjGXhtLUvtI5WaK2hjK-hI6UHkMpo5JSMcFkh_oOAWpea8pvXEMn4OxEBrQpkhuMGYqdv834GGrq_nJ4pyLpnkr0ceIUZ9lg_Txu_uVcbe_ON1ewQWwAmKGtlcSWyiCLpssnvldC6MW9aO0N9z3J1tprsERyJq1Zb1AaCPSmh6g9xcK_BrYQjoiPbvpyJcVYf-JWn8_zPRaVXKJXGV13wqL3Vw7hHJ9K7sU8NAthkbxSRAxXzk0487dkyIz5bRE6mPFN_jmKrDSBapUPsC4FjMxBR0oJEVx_QbDBMurVR6yKyZxqsq0-xEHbkbdOU9FHxOBFvVnUr_iZ--rqsCT0e08Nb9y1ApeZ7lq6CL1aeegGPnk07MzIV-875VeVzjE9XtGqMewe-GiZn6aDQVMNYBLVmfW0CKe_50UtcFrSbYCmq5wjngCFUgnEap82vYcRUvqvMBkZlGC9d-sVX8mDBjtUS7R3V_JNcaIJcqCIaRuRyzvOKHFYAflw6Y88yBXglVf4-IU-wUiEaivjh-m4bgmqyIKCHI3XzW8wvIdsenwavlZhaX15ldYZacGMF3JjDvTwF2lBQlc1jhq-uU4DzJtLTS4hXRTa2WFrtX61Ic0JJC0WCAt2hKa3ZgVSSPLEGOzRMQ7FUTCpHbZif34_Bk6mcAYKD1UgQ9-kdvQ7RK9L7aYJxo_xnE52JZ2pJlOBQsw4kZP3oTza5RWCgabt5H-j4-DGeKDTHymqOBnT7YmhOpgaPnh7R1bmVLxBRTFo6xMZRwCjppKFtejxt0KG_f0vRO2_LretnxUnZ1esY1WP0pHCPWt-DADJV13oseD-T1kSxgFZZkam299e4AC4tRZ_40Ftw3cLjL2abTeN9SvaQlPw3o9pewISs6-3WR1idGTc1DX9p8vPSY0y783M9PcdoABC-VVjlEFmFiSaRI_XD9-GrFMHeskwkmmg3QX8VkRZGeI--ZfcExrZ2lZWLC8uzw2GPfVsdVg5HkMCgd82oXKaaI889YOkwo7PL2v-BqRAcopfdigWAwOkBl_6UHUsaDyxugJGCRI50hvYHBFZ-Q1qfL8VAun8UCoJsOtgtSIA25s0Uw4-MhxuZBKjYzIX77l1zvjgsZpKTFx1t4_MkPPnege-EQZ9vZpxGU-NnHBOuMjkMMwK-CttuU3JYozyxTz_ww09QxygYOEqCd9avoO-sStDDZi9sD3zLdAruG_z80TWfO3Smni_7vr6aaeDSE4SCiK0VsWIfRW4oWCEWxc8lhoi2s2x9LrhXAaUotVUGuknLGqVF0vdXF0oBIUJeTpS5O54BIkW9zSrKa3Ugnc2anA-AWS2jNcFj2EweIYEtLGX4hO6bzlU58dOWHZgK3YHprV9OBZnKAZOghFUzbcoudGCVkuUWLPGKlwdDgFz0eAh7Q2IYlfBLOxMQsWLQrru_4XM5mCGqGFshIEH2s-btRC8gYLPhCvdyVugjAlZuA0EwZUw1A_-cnUx2uaxvVLUkV5P6ObkRVxPM349ZFLUWxdEZ0QBBA1vdp3KKRDYc-0biSjXYxtKc_L0uOTaIJAVEcYjtr1L6N1r1-xe4cB5JUm-yFVwW-GOi3avob6EGtVCXjrBaAkqSa9473b6mUUhZkDUAXD2oqctzlNsNAAHOkic2wA-Y4OpyaxLyPSNEcmOwyn6wSGUUCSa8HFs_jHIt07IiYzmaTggiBUK18zkxNyeegNAjy-x4vtTdPAfJmIfJ1P-cxnyB-KX50Gv2EXSHnGhvgSmBV-jyupiNaaXJY8mzKOXW3W739OD1MyYkxf6J8eJ1c9ZnsQsKI5uRCciK3fJTl_K4lIbXBqUdgcswNG6pPfVCZg1x2cCTwXY92_Ps9nOU-X0xX9Xf5LOT_TIbuZBDKCkR36VUos5MMmUjb8UsY3l-qMEqKUsOKH2jO9H1Idiyl6nrmSXd1J-WCb-E9PzdA-vU2HsplrYhrT4gkNLvz6oy00knSTtsDzOuKEpxgBG6a4SCFMa1FwoAd3bE0Hr0-jA--xpib186okJYaR5AeyI_ZvGTrKuOqfLNtWGovNr1f22VOp8xqyIWyrhi4BsSrAwvg69Z5mcSrjdc9XibrKSHe8_n7-jIFl5jSCBrPkO9OL6ierqvcf2vgfsfPbvxjfPYGgRc9B_vYJumrGvhrdqHVV7geb8GbeADoI2CZ2Q7ziHF5nrM7vkzDnGlG9eXujSUhPS6LHKfnBNOxDd3OKX21SPVX6Dk-FZM5IkVViWttw74U-DYEp0LkBUmc5xrI5a_XrqBk_c027Ua_aGBs-6CmGSm_rRkiKbDvfokDQJQG0Y0saXIKx-9acTJKu2uceNqLfsdMRCGLPuFNmWbzV2TBAwffIes-S0e7WP1yLiH4FPk2lIdbPt1Bfl4gChjJ9cbyRy5hP5_wnjVanhRkEaY8ahDMPnAtqC6F1XOGbzY_q3edxlJVgEsWw5l0JixIg4IXbunPM5HN4_Os7IN9BdgpzVCeJCSSQEn6RZOt3fFmJHg13eiXh9qpbVYJa7BvU00tJvftgMj6W79--J0roHtWiGqT0p0nXzvRPZ78IhfI-kMf4Ip8icCe5zTwf11H4S964vBtHWtiahXhz&cid=CAASKORo4EUjAHwo8UyksCDHccmAtE6TA7uuSC7d0botUKerLjrFIWO2h4g&rfl=1%2Chttps%253A%252F%252Fwww.wdfxfox34.com%252F%240

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb59e02698cc1d27d49dc4e4f8df20ec33edbfb31de8b1430eb0221dadeb568d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A830 42 B
494 B 77ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSUFm50fssTEU_bNNAjWKSu0QHs361sKqYToi2B4uXkt1V3clAxFbNMNbMY-LFzo_HO3VZnvWCYqQEXIA0UMkLah6ghYSEYzSdYPRK-AQJVjcU75k

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame A830 63 KB
23 KB 113ms
46ms Script
text/javascript 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXHZ01OYT-a_nyRII4IzIC6tkB9nBb_-0MjSr-LAH4iRUwe7SQ&d=CokBAKAmf-BWM1ad5z5DKWClTCaF4Qa1VoLvVisCQnMOorav7hxKZYVm7xLOA0OSREv3C8_uGi5wVLGU7L3arieJHDc0G-4vvJm8vTxNSLGHIivqKayUy-AmddIFUzqmaf7gc2AElj8tQgTMO_XCjEvG4VQtSZRQTrc8Wvkr7QF_fUQgEFY-4Ljq80ESyRMAoCZ_4Kq3sVAMzHPl8pM4j_XoGoAScTTJqL4Mf9uql79DeYQWBwhiYSuJfCwO1IdkUyi4f3Rjo8I6PVoetbJ8oOFPPuLFZKl1gc5g0Gsn0JWsM4fCwce9TX5PPdmqeW4fms7QoBpLb82FR2GPE6b8Rhcza8ZdW0KwxONEZFngtXGLJewGkEB4ztf-OXdHNgGby3u5PZnw2JJVuU8pRoHtpeSDRo934El8Fp6FAM5HEJWRPIsGLXwclpb9ZfdB9ibzzYlxXACueef_bcBhubJIO91-LSCg-lkNPMYaWscQX66NnCIcUMv_4myE0rjvwumuqf2TchuB_kvo1kKr0zwl7TkJtolNyVDiqetaNcCYf0y2Knxw-x_Y8oyRODEigq_-Azd8HRqZTb9cwH5yXF69GV-Ez5pE8deUkHG-k7WanYpl-AZdLKORH5v-mpvAIN8kPTrxa0lXyBylSNn7U1klEsLhdg7bJU9HtcjfGURVlMOv52pccfcQj-UmoLChavNT_jYr--P2slsPN8Obgl-n8WPRUUssn6NmaVLcI-i74zayv5Ut61VSWe9jIk8-OQeXMTNLX_A7-UKQse3DtYu49rUj6fwaiceVevOFX4TAU1RNeIof7t0aYDjuGPoBNlkmiTanZDzpXe_2f9Rl_jI6hQqA2c0U_7xzE1GNEA0pAjr2GYBrhjkuAOiRVOAt2sOXJnOrK_zEOhnfyn0xh6vMyqTdWkSssa23JJe8o5ZvsZsM0mX1Qn9177WFQVD6EpLfBYmF3YpD6s7IQ8_75guU9ZbVw9YLNzwfLsayondFUHHfswIrZ5cqHTgvj-N8V1Efa5MbTye0Cajp2HEV-UTar7_qil3TtJFCIY9sd_ZPE1Mtg204sZNtN_15hDyf420dOSVlRE6524eRaBE6R4MqawWlniYie1MAH68dncxcw97C5WCZ8rGTq5ni4XYuSOcpW-iVtedeDame8xAvaAaOcq4oWWKUmVhdEaFdALlr07Qt94Cg6AfomKoVtFmc7BC1rvmdspNfc6IIBm-Q9Tp8JIYlaIS_OcprS9AdgfpvlfRWnT4dfn-U_d-vtC_IBnikU9-wvT4E7ApRjCm0IVurhBppQMaQ_5OZ4UiVGqfvuS8thgHSv7j1_ccUNbzrjmczIKE5vKJYFV1QRInlDejUQ7pd_do-FMvsJad4ws31c3jMt4DB62wjw--ja_bQSXnWjY6yxpUFNNehx4hTPOKgce_aGB2f7Cbgu1Q5qfLhTaeyjROXy5u5e42JWtCOrgYFd2BRLzH-xJjprQmJHww4c4HI2zGPdGhZsVRKXW-HyzPiiw1z99IN0eL4pWGmyQf1pBkvlaBhQZKLVy4suilfqvS776p8PIKk8VK2TL1o86Ns4uhwqfib3CNTaTIk4fXWT1zjW0m8weyejLZ9eBq0t25wLodRAKrZaKvb2lKoCQQ5iXC35e1UU43YpxVJoeL2s3QfFQNhpZj_Vuphb99rYlv9nxr4nzJST7-Szggb5x3G8eMjH7fNi4MsEWq1S8LMM8XfDghJhR8jQcGXk-kZ56QUOEKmswecgoLm5kK1M_jAwHhLW-ZXTRFwrDGXJAOlSfjgDOE35vfFet9zHfCTnJ5sSZhshTMK8teGQLrGonfl8yt7nIR2eZy9XYsM36JhL9SZgcu4tH1DZT7IboMsbBNJlqwUDl8adIeLPEvg0yljgPTci-jS8yY9sQsmz_3LfGyG5W3OW6x-F9f8lGJhzcfxCg0CWcE09Amih-gAH0tyQp-z1sNetfMK2AZl2N_XMzYCk-sqiEcbb7G8IOVcTCvm5woxzXRt-PIfZOd-RFD0BjPCBvD_adm0Jbcz3elWbrzFzzVDpUTj6cTTuuilhOyOR55EbOc0W6pwgbqvN0nwlfGW6VasNJBgK-0W59WTaUG_g4EMmlthfpxftz-cfNV7lMsx04q-uhedqAp2utUckP5ocLzSoA4FHCHUHPL4WkUBsaiwlp9Nl6PXnzE_xsXgLyXq7l_mxomH5Bm2AJ_lwqDNKvCeMG6TEFbgVddxbUIWxkVH8mmVxVdcEJjXhpZ8WZbhW-a7cIITBvukxzali9yUif6ePxmerTv3mvhQsctQ5I_4bGeNlv_FHz42FeDGg4GQt7ZC-yHv7bemaigmE3-LnoHGLot1P76Azwv8v6WsqDeF8YptKCBgMr6djpQpPCuBhyPrd1rGzmCZjxviYdcPCDpoyaUxICw2mj1XpgR_Vctlf5qsjdNO3JWQzn9K_uj4cCd4SDLAc3e01Q0G4Fb_guowDCTk4VDCYGH5gibblJlhdd6JZSmbe2SvaJMVrWAXLAqLllpvmqMDkdixDwCh5AdvUnUZec-g30gYYD93DbUSkbvShNrKBl2oMtdxdGD05jwziZ8HMTpslW_QOkUxSHk8PtofXVXQGGQ7qB6Q5vafEvANtyOwsb8qE59o9bD2WD8bTkPywHMvjNPiNXY7__XlGOxxWeKKlzIiLsOUEEqjn1hF6s8F0iZfl89-y9gZqILKXwo0TbPbhO8WSaKIx_uDoGZBLzR953ago5CaAAALrqJzewgvFic8prC_eX8LE1mZ9GdfgIk8aTOOiRFbfV_0RMo1z6dIJNu2RL__oz3YXVpO8ayhlzR-3pFrFLhoT4I8D6KiN-LwyILq7faxAp3k5VC4IvEb7zXIpfnOIsKENeoksbYOjgre3NeXqvlVxBGEZLvVuOW-ie1YZTbpn_90qYOt0TvPKNVIwyKOI77bruW-qGdJo8UpAm--GUlS22Yd3CdQZwwTDpAXHliSQTL7st-k83jTSexojZUIplz0n5ncrh1sGltNH1qA7Oi22zxOyfazd4mU5yiSnvjKOR_vGFbSz3mUFztqxQW4vryJDgPVFEvZzEKLnHzH2HzlZ19JGpWStEDZFbNfXyM6lxFSy-dwQLLURF7fuaI1Z9Ipv1yG2auvRPs8dhUjQQXRHEC6jX4TO8tTpfdPw6Iiek-b50Wizmer_He5Hwqq5DhtVHLCAm6E-kBvbddApbkJ2dJjlG5S7sPTpKMnAz4yHEXHr7O3_A4tH43LWi8r3OS_xTFUEF0qUPHm4SI2DwH-ZZWdpJi6DkQEjlPHgiRN-BmOp0a0SerQePhJ0k72yMcNQvG99RqcSpTAK__SeSFjAMV5uqvhgfJysj6pduuPoGlgt4VmasvHKt0rWPIRpdogbBjxT9MCuLCyUuouqitDndsK-t0xavXiUSVZ5Gj0tVmuEfrJbokbGNBWwxT4Cc5ATMPLyF7Uf-rlcJkboaOWVGuSGWE6rwK3jCOX4Mks30aJfIQabMIYeoSdJ9HNgL58LfQaLAgAEijkaOBFIwB8KPFMpLAgx3HJgLROkwO7rkgu3dG6LVCnqy46xSFjtoeIYAE&cry=1

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

960b94c60e7eb0308835eeb253ef5d0855aa219df2ac368dd664d0346234200e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1193850/66084803/ Frame A830 46 KB
12 KB 133ms
32ms Script
application/javascript 34.247.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1193850/66084803/skeleton.js?bidurl=https://www.wdfxfox34.com/
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dd738317b1a43be4bdb7da39911dc1e6daae5f6e487f88ed0e04c30bd9735a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A830 3 KB
1 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A830 17 KB
8 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A830 0
0 42ms
18ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCcCLMzIJAITRoY243X33wgMoq2IejTMcr4Qy83Ac7_4DlaoVrlZtOaRJcxXSYwelBDgpY2mVitrO9vyqnIUaS_sdJ1A
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A830 152 KB
46 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:17 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:53:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:54:17 GMT

GET
H/1.1 200
OK G6XoX46Pz02aWQQ7HIDAfg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 41 KB
42 KB 698ms
162ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/G6XoX46Pz02aWQQ7HIDAfg.medium.jpg
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0558b0023c1c4ef9ad3c1948f9cf1c889992b6038dc9dd482b75caad94339ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:17 GMT
Last-Modified: Fri, 02 Jul 2021 01:09:51 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: RN+R/d0ApyTnvQzWUD2oQg==
ETag: 0x8D93CF6180F7A8F
Content-Type: application/octet-stream
x-ms-request-id: f83e998a-c01e-0034-08dd-e80e79000000
x-ms-version: 2009-09-19
Content-Length: 42081

GET
H/1.1 200
OK 586d643d-55b6-4ba2-a548-b9a45fead3b9.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 34 KB
35 KB 699ms
162ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/586d643d-55b6-4ba2-a548-b9a45fead3b9.medium.png
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fe8437cd5a7ada22f5a5991fd0747060211bd514e36f6d41820a68c90c57c633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:17 GMT
Last-Modified: Sun, 20 Nov 2016 14:00:43 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: AdUghhWaScvgUA0ClW5O/A==
ETag: 0x8D4114D9E887B4C
Content-Type: image/png
x-ms-request-id: 9b65df88-001e-0004-07dd-e8b0b6000000
x-ms-version: 2009-09-19
Content-Length: 35301

GET
H/1.1 200
OK CKs1Ze673kaCA84Zzv-_WA.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 209 KB
210 KB 704ms
162ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/CKs1Ze673kaCA84Zzv-_WA.medium.png
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 57a62640952523260df08a98c8d7f794e2e9cb17d6d81f4a10cf3958237b628e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:18 GMT
Last-Modified: Fri, 02 Sep 2022 07:12:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: i8csDHyRslEC5Umo4ZED7Q==
ETag: 0x8DA8CB27070DBC5
Content-Type: application/octet-stream
x-ms-request-id: fbe5a003-001e-0082-59dd-e87c0f000000
x-ms-version: 2009-09-19
Content-Length: 214406

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK k2SWYB2frU-kRXzW6U27tw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 26 KB
27 KB 1017ms
162ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/k2SWYB2frU-kRXzW6U27tw.medium.jpg
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 673a628d04deb21b0ab7a9b2b87765a64766c897979cc1b3c89c8961c9d7db11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:18 GMT
Last-Modified: Tue, 26 Jul 2022 23:24:19 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: X4CNMuXJrQJVdtvIglrOOA==
ETag: 0x8DA6F5DF769688A
Content-Type: application/octet-stream
x-ms-request-id: f83e9a0e-c01e-0034-7add-e80e79000000
x-ms-version: 2009-09-19
Content-Length: 26759

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wdfxfox34.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 352ms
352ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1844615067968735&correlator=2629609146674435&eid=31070233%2C44777188%2C676982961%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22676109897%2Cnat-external%2Ceviesays%2Cfrankly%2Cwdfx&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=6&adks=358730519&didk=2642323952&sfv=1-0-38&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wdfxfox34.com&sc=1&cookie=ID%3Da56a82eb9305ae3a-22a0343b57ce0064%3AT%3D1666749257%3AS%3DALNI_MZXcuxzrk5Rk9QvleION6XMoGMUaw&gpic=UID%3D00000b7870d6a23a%3AT%3D1666749257%3ART%3D1666749257%3AS%3DALNI_MZZS1JeVOlzqTiBSA_q4Eehs2k_lw&abxe=1&dt=1666749257587&lmt=1666749257&dlt=1666749255337&idt=1786&adxs=1190&adys=1775&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wdfxfox34.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=1873124982.1666749257&ga_sid=1666749257&ga_hid=1941866568&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c4cf5d14169ced3930821323216932179f6c69401b252451b6a12e141e405a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10095
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wdfxfox34.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EBFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOW1heTi0t7bhhUheIhrpUw&google_cver=1

43 B
766 B

15ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOW1heTi0t7bhhUheIhrpUw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPoBEMaM84AEGO2bptQBMAE&v=APEucNXu_J7iyTLgcXyGbLcH4K3ncG19o4GM7CovGf1CU6MMr9XGpNuhBhCIsrRe0F7ovVyxYKW8HOqSmiO1PCtyObuhOXVPkYvy6eKF4wy_p_-QdtPFQPauJ3tkSi_wUWLAmQaD6lUpzfx--ICurDxStGGoRhH2-vSmda22C-HDS_kgyY3uODQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOW1heTi0t7bhhUheIhrpUw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EBFE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTSTW6X7d1S7Aj-fJ.ewAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2

43 B
766 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPoBEMaM84AEGO2bptQBMAE&v=APEucNXu_J7iyTLgcXyGbLcH4K3ncG19o4GM7CovGf1CU6MMr9XGpNuhBhCIsrRe0F7ovVyxYKW8HOqSmiO1PCtyObuhOXVPkYvy6eKF4wy_p_-QdtPFQPauJ3tkSi_wUWLAmQaD6lUpzfx--ICurDxStGGoRhH2-vSmda22C-HDS_kgyY3uODQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EBFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO2xGkdXoRJ3R30oDz_Gjqo&google_cver=1

43 B
1010 B

22ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO2xGkdXoRJ3R30oDz_Gjqo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPoBEMaM84AEGO2bptQBMAE&v=APEucNXu_J7iyTLgcXyGbLcH4K3ncG19o4GM7CovGf1CU6MMr9XGpNuhBhCIsrRe0F7ovVyxYKW8HOqSmiO1PCtyObuhOXVPkYvy6eKF4wy_p_-QdtPFQPauJ3tkSi_wUWLAmQaD6lUpzfx--ICurDxStGGoRhH2-vSmda22C-HDS_kgyY3uODQ

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
AN-X-Request-Uuid: 8e8770f3-4e51-474e-a1ee-ea693761139a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO2xGkdXoRJ3R30oDz_Gjqo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBFE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

170 B
188 B

43ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
AN-X-Request-Uuid: b5b0bfab-d878-4e86-aef5-021eb0f18742
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wdfxfox34.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 111833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A830 41 KB
15 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbeTw-fEZonJGGD9A6UjlepgBlBDuCYLxdLJxNhjHFI3CriqoC77gukKgFH04zKsk4_mEt98BMtpdsLZsR8_yLzCgAFQK4-vdhMs-2Wq7-sm0leTBxNxhpmTCn2xjBQktWevqsCB_Er3aQdqioRdEh2J8Wuy0_sDcAh0ooGBetF1ZMzuo&cry=1&dbm_d=AKAmf-CiE2lX3pu2pzR-pw1HKGcoaCuu9d0d_ckdokKLPmgWcn-HNA-mjXFkPVPmjeqEUwKyhW1e_JUGsqjEfVEI1cZ5dE_rbGDmY79LtYAmEEIYeP1Sj11KXsX-XvTip7d44dEUgkcZ7WzJ4V2gWISNE5xM5hv4P1Tu1CeoO_VskqayyF0U_cLJxKQlma_c36w6VjtsJrbzTD1of52YuhjmOculfuccNVHr_GFrz6jFrWQr9TWpv9QNg_yKo4408RD4muY-sMm1_KaPqdZ4HM0SFHjGXhtLUvtI5WaK2hjK-hI6UHkMpo5JSMcFkh_oOAWpea8pvXEMn4OxEBrQpkhuMGYqdv834GGrq_nJ4pyLpnkr0ceIUZ9lg_Txu_uVcbe_ON1ewQWwAmKGtlcSWyiCLpssnvldC6MW9aO0N9z3J1tprsERyJq1Zb1AaCPSmh6g9xcK_BrYQjoiPbvpyJcVYf-JWn8_zPRaVXKJXGV13wqL3Vw7hHJ9K7sU8NAthkbxSRAxXzk0487dkyIz5bRE6mPFN_jmKrDSBapUPsC4FjMxBR0oJEVx_QbDBMurVR6yKyZxqsq0-xEHbkbdOU9FHxOBFvVnUr_iZ--rqsCT0e08Nb9y1ApeZ7lq6CL1aeegGPnk07MzIV-875VeVzjE9XtGqMewe-GiZn6aDQVMNYBLVmfW0CKe_50UtcFrSbYCmq5wjngCFUgnEap82vYcRUvqvMBkZlGC9d-sVX8mDBjtUS7R3V_JNcaIJcqCIaRuRyzvOKHFYAflw6Y88yBXglVf4-IU-wUiEaivjh-m4bgmqyIKCHI3XzW8wvIdsenwavlZhaX15ldYZacGMF3JjDvTwF2lBQlc1jhq-uU4DzJtLTS4hXRTa2WFrtX61Ic0JJC0WCAt2hKa3ZgVSSPLEGOzRMQ7FUTCpHbZif34_Bk6mcAYKD1UgQ9-kdvQ7RK9L7aYJxo_xnE52JZ2pJlOBQsw4kZP3oTza5RWCgabt5H-j4-DGeKDTHymqOBnT7YmhOpgaPnh7R1bmVLxBRTFo6xMZRwCjppKFtejxt0KG_f0vRO2_LretnxUnZ1esY1WP0pHCPWt-DADJV13oseD-T1kSxgFZZkam299e4AC4tRZ_40Ftw3cLjL2abTeN9SvaQlPw3o9pewISs6-3WR1idGTc1DX9p8vPSY0y783M9PcdoABC-VVjlEFmFiSaRI_XD9-GrFMHeskwkmmg3QX8VkRZGeI--ZfcExrZ2lZWLC8uzw2GPfVsdVg5HkMCgd82oXKaaI889YOkwo7PL2v-BqRAcopfdigWAwOkBl_6UHUsaDyxugJGCRI50hvYHBFZ-Q1qfL8VAun8UCoJsOtgtSIA25s0Uw4-MhxuZBKjYzIX77l1zvjgsZpKTFx1t4_MkPPnege-EQZ9vZpxGU-NnHBOuMjkMMwK-CttuU3JYozyxTz_ww09QxygYOEqCd9avoO-sStDDZi9sD3zLdAruG_z80TWfO3Smni_7vr6aaeDSE4SCiK0VsWIfRW4oWCEWxc8lhoi2s2x9LrhXAaUotVUGuknLGqVF0vdXF0oBIUJeTpS5O54BIkW9zSrKa3Ugnc2anA-AWS2jNcFj2EweIYEtLGX4hO6bzlU58dOWHZgK3YHprV9OBZnKAZOghFUzbcoudGCVkuUWLPGKlwdDgFz0eAh7Q2IYlfBLOxMQsWLQrru_4XM5mCGqGFshIEH2s-btRC8gYLPhCvdyVugjAlZuA0EwZUw1A_-cnUx2uaxvVLUkV5P6ObkRVxPM349ZFLUWxdEZ0QBBA1vdp3KKRDYc-0biSjXYxtKc_L0uOTaIJAVEcYjtr1L6N1r1-xe4cB5JUm-yFVwW-GOi3avob6EGtVCXjrBaAkqSa9473b6mUUhZkDUAXD2oqctzlNsNAAHOkic2wA-Y4OpyaxLyPSNEcmOwyn6wSGUUCSa8HFs_jHIt07IiYzmaTggiBUK18zkxNyeegNAjy-x4vtTdPAfJmIfJ1P-cxnyB-KX50Gv2EXSHnGhvgSmBV-jyupiNaaXJY8mzKOXW3W739OD1MyYkxf6J8eJ1c9ZnsQsKI5uRCciK3fJTl_K4lIbXBqUdgcswNG6pPfVCZg1x2cCTwXY92_Ps9nOU-X0xX9Xf5LOT_TIbuZBDKCkR36VUos5MMmUjb8UsY3l-qMEqKUsOKH2jO9H1Idiyl6nrmSXd1J-WCb-E9PzdA-vU2HsplrYhrT4gkNLvz6oy00knSTtsDzOuKEpxgBG6a4SCFMa1FwoAd3bE0Hr0-jA--xpib186okJYaR5AeyI_ZvGTrKuOqfLNtWGovNr1f22VOp8xqyIWyrhi4BsSrAwvg69Z5mcSrjdc9XibrKSHe8_n7-jIFl5jSCBrPkO9OL6ierqvcf2vgfsfPbvxjfPYGgRc9B_vYJumrGvhrdqHVV7geb8GbeADoI2CZ2Q7ziHF5nrM7vkzDnGlG9eXujSUhPS6LHKfnBNOxDd3OKX21SPVX6Dk-FZM5IkVViWttw74U-DYEp0LkBUmc5xrI5a_XrqBk_c027Ua_aGBs-6CmGSm_rRkiKbDvfokDQJQG0Y0saXIKx-9acTJKu2uceNqLfsdMRCGLPuFNmWbzV2TBAwffIes-S0e7WP1yLiH4FPk2lIdbPt1Bfl4gChjJ9cbyRy5hP5_wnjVanhRkEaY8ahDMPnAtqC6F1XOGbzY_q3edxlJVgEsWw5l0JixIg4IXbunPM5HN4_Os7IN9BdgpzVCeJCSSQEn6RZOt3fFmJHg13eiXh9qpbVYJa7BvU00tJvftgMj6W79--J0roHtWiGqT0p0nXzvRPZ78IhfI-kMf4Ip8icCe5zTwf11H4S964vBtHWtiahXhz&cid=CAASKORo4EUjAHwo8UyksCDHccmAtE6TA7uuSC7d0botUKerLjrFIWO2h4g&rfl=1%2Chttps%253A%252F%252Fwww.wdfxfox34.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 container.html Show response
eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 310A 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Thu, 26 Oct 2023 01:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A830 106 KB
38 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Origin: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame A830 8 KB
3 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXHZ01OYT-a_nyRII4IzIC6tkB9nBb_-0MjSr-LAH4iRUwe7SQ&d=CokBAKAmf-BWM1ad5z5DKWClTCaF4Qa1VoLvVisCQnMOorav7hxKZYVm7xLOA0OSREv3C8_uGi5wVLGU7L3arieJHDc0G-4vvJm8vTxNSLGHIivqKayUy-AmddIFUzqmaf7gc2AElj8tQgTMO_XCjEvG4VQtSZRQTrc8Wvkr7QF_fUQgEFY-4Ljq80ESyRMAoCZ_4Kq3sVAMzHPl8pM4j_XoGoAScTTJqL4Mf9uql79DeYQWBwhiYSuJfCwO1IdkUyi4f3Rjo8I6PVoetbJ8oOFPPuLFZKl1gc5g0Gsn0JWsM4fCwce9TX5PPdmqeW4fms7QoBpLb82FR2GPE6b8Rhcza8ZdW0KwxONEZFngtXGLJewGkEB4ztf-OXdHNgGby3u5PZnw2JJVuU8pRoHtpeSDRo934El8Fp6FAM5HEJWRPIsGLXwclpb9ZfdB9ibzzYlxXACueef_bcBhubJIO91-LSCg-lkNPMYaWscQX66NnCIcUMv_4myE0rjvwumuqf2TchuB_kvo1kKr0zwl7TkJtolNyVDiqetaNcCYf0y2Knxw-x_Y8oyRODEigq_-Azd8HRqZTb9cwH5yXF69GV-Ez5pE8deUkHG-k7WanYpl-AZdLKORH5v-mpvAIN8kPTrxa0lXyBylSNn7U1klEsLhdg7bJU9HtcjfGURVlMOv52pccfcQj-UmoLChavNT_jYr--P2slsPN8Obgl-n8WPRUUssn6NmaVLcI-i74zayv5Ut61VSWe9jIk8-OQeXMTNLX_A7-UKQse3DtYu49rUj6fwaiceVevOFX4TAU1RNeIof7t0aYDjuGPoBNlkmiTanZDzpXe_2f9Rl_jI6hQqA2c0U_7xzE1GNEA0pAjr2GYBrhjkuAOiRVOAt2sOXJnOrK_zEOhnfyn0xh6vMyqTdWkSssa23JJe8o5ZvsZsM0mX1Qn9177WFQVD6EpLfBYmF3YpD6s7IQ8_75guU9ZbVw9YLNzwfLsayondFUHHfswIrZ5cqHTgvj-N8V1Efa5MbTye0Cajp2HEV-UTar7_qil3TtJFCIY9sd_ZPE1Mtg204sZNtN_15hDyf420dOSVlRE6524eRaBE6R4MqawWlniYie1MAH68dncxcw97C5WCZ8rGTq5ni4XYuSOcpW-iVtedeDame8xAvaAaOcq4oWWKUmVhdEaFdALlr07Qt94Cg6AfomKoVtFmc7BC1rvmdspNfc6IIBm-Q9Tp8JIYlaIS_OcprS9AdgfpvlfRWnT4dfn-U_d-vtC_IBnikU9-wvT4E7ApRjCm0IVurhBppQMaQ_5OZ4UiVGqfvuS8thgHSv7j1_ccUNbzrjmczIKE5vKJYFV1QRInlDejUQ7pd_do-FMvsJad4ws31c3jMt4DB62wjw--ja_bQSXnWjY6yxpUFNNehx4hTPOKgce_aGB2f7Cbgu1Q5qfLhTaeyjROXy5u5e42JWtCOrgYFd2BRLzH-xJjprQmJHww4c4HI2zGPdGhZsVRKXW-HyzPiiw1z99IN0eL4pWGmyQf1pBkvlaBhQZKLVy4suilfqvS776p8PIKk8VK2TL1o86Ns4uhwqfib3CNTaTIk4fXWT1zjW0m8weyejLZ9eBq0t25wLodRAKrZaKvb2lKoCQQ5iXC35e1UU43YpxVJoeL2s3QfFQNhpZj_Vuphb99rYlv9nxr4nzJST7-Szggb5x3G8eMjH7fNi4MsEWq1S8LMM8XfDghJhR8jQcGXk-kZ56QUOEKmswecgoLm5kK1M_jAwHhLW-ZXTRFwrDGXJAOlSfjgDOE35vfFet9zHfCTnJ5sSZhshTMK8teGQLrGonfl8yt7nIR2eZy9XYsM36JhL9SZgcu4tH1DZT7IboMsbBNJlqwUDl8adIeLPEvg0yljgPTci-jS8yY9sQsmz_3LfGyG5W3OW6x-F9f8lGJhzcfxCg0CWcE09Amih-gAH0tyQp-z1sNetfMK2AZl2N_XMzYCk-sqiEcbb7G8IOVcTCvm5woxzXRt-PIfZOd-RFD0BjPCBvD_adm0Jbcz3elWbrzFzzVDpUTj6cTTuuilhOyOR55EbOc0W6pwgbqvN0nwlfGW6VasNJBgK-0W59WTaUG_g4EMmlthfpxftz-cfNV7lMsx04q-uhedqAp2utUckP5ocLzSoA4FHCHUHPL4WkUBsaiwlp9Nl6PXnzE_xsXgLyXq7l_mxomH5Bm2AJ_lwqDNKvCeMG6TEFbgVddxbUIWxkVH8mmVxVdcEJjXhpZ8WZbhW-a7cIITBvukxzali9yUif6ePxmerTv3mvhQsctQ5I_4bGeNlv_FHz42FeDGg4GQt7ZC-yHv7bemaigmE3-LnoHGLot1P76Azwv8v6WsqDeF8YptKCBgMr6djpQpPCuBhyPrd1rGzmCZjxviYdcPCDpoyaUxICw2mj1XpgR_Vctlf5qsjdNO3JWQzn9K_uj4cCd4SDLAc3e01Q0G4Fb_guowDCTk4VDCYGH5gibblJlhdd6JZSmbe2SvaJMVrWAXLAqLllpvmqMDkdixDwCh5AdvUnUZec-g30gYYD93DbUSkbvShNrKBl2oMtdxdGD05jwziZ8HMTpslW_QOkUxSHk8PtofXVXQGGQ7qB6Q5vafEvANtyOwsb8qE59o9bD2WD8bTkPywHMvjNPiNXY7__XlGOxxWeKKlzIiLsOUEEqjn1hF6s8F0iZfl89-y9gZqILKXwo0TbPbhO8WSaKIx_uDoGZBLzR953ago5CaAAALrqJzewgvFic8prC_eX8LE1mZ9GdfgIk8aTOOiRFbfV_0RMo1z6dIJNu2RL__oz3YXVpO8ayhlzR-3pFrFLhoT4I8D6KiN-LwyILq7faxAp3k5VC4IvEb7zXIpfnOIsKENeoksbYOjgre3NeXqvlVxBGEZLvVuOW-ie1YZTbpn_90qYOt0TvPKNVIwyKOI77bruW-qGdJo8UpAm--GUlS22Yd3CdQZwwTDpAXHliSQTL7st-k83jTSexojZUIplz0n5ncrh1sGltNH1qA7Oi22zxOyfazd4mU5yiSnvjKOR_vGFbSz3mUFztqxQW4vryJDgPVFEvZzEKLnHzH2HzlZ19JGpWStEDZFbNfXyM6lxFSy-dwQLLURF7fuaI1Z9Ipv1yG2auvRPs8dhUjQQXRHEC6jX4TO8tTpfdPw6Iiek-b50Wizmer_He5Hwqq5DhtVHLCAm6E-kBvbddApbkJ2dJjlG5S7sPTpKMnAz4yHEXHr7O3_A4tH43LWi8r3OS_xTFUEF0qUPHm4SI2DwH-ZZWdpJi6DkQEjlPHgiRN-BmOp0a0SerQePhJ0k72yMcNQvG99RqcSpTAK__SeSFjAMV5uqvhgfJysj6pduuPoGlgt4VmasvHKt0rWPIRpdogbBjxT9MCuLCyUuouqitDndsK-t0xavXiUSVZ5Gj0tVmuEfrJbokbGNBWwxT4Cc5ATMPLyF7Uf-rlcJkboaOWVGuSGWE6rwK3jCOX4Mks30aJfIQabMIYeoSdJ9HNgL58LfQaLAgAEijkaOBFIwB8KPFMpLAgx3HJgLROkwO7rkgu3dG6LVCnqy46xSFjtoeIYAE&cry=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame A830 30 KB
11 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7AC6 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 87CF 624 B
299 B 40ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVWt1dA3sE4ZfVOG7SGo_yNyqqLcaO-CuoXbLVh7oSv5nK_2WNGCTYZZstWPxeDWdi4P1nKvyjcDM0aiwYNq0uwiVnxWfrqbaiPGT_5BYQnWCRYmr14cUzS31o3Om02YVJ-xczatKUQ0EzubS4S_AwoBmiKn-KmbzZBuSQJRUvrc7vkfUk

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Wed, 26 Oct 2022 01:54:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 310A 82 KB
34 KB 62ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqpVDRxaeoZT4QOIF9pBYXEK51hrLOg5kE2CODUS0ltsP6Flf1ZDQb6UutPCHmejtsDiJEOCh1sGKCYfv7QP_ftaSXfg&cry=1&dbm_d=AKAmf-CgBf44dIArZUf1elOvc3am2ss1N0vJS2Zp2W0r8VGN33x2dVwVFaTu39kJ9Sahgg22x_g7scxMouppePLy_oqmOgRCGkxxM5BLYtPKahgwjewvNaNsxsCVeMjKJMKYHr2h1mOVwzeve3LnLqOiK215_8ahIMe7TGgQ1QgpGSzNulmCTDnysHQbiOLubjRyfjiPGMPiTIVj8e1sWLFoskwF0c-_mXFL-227bfJGHbQ6KpMt241-Nc_acvBGgrEPNUjstZgU5HyX4jHFdKcBjZYmafoBpeZHuoqiNcN6-8GFIk4oSIQwufpIs46LhYTn8Z6WstfYLfGq-Bf9HCIMDUKo29_T4JMU8DYOhqpbtYk9W2DRoRfuMz4oAVsvXNxCl-4FhfnGUiVJsNUpMB7X7fU4ngeoH-p2cCR4tpFtsevglcQoVwxk588AIXJg24yey_77hdoApT8DQvIH8qx5rvp7RgL25ytb0fxizMkLvXKoXc3MvNa_2_t2s_qg846vDLAP3_5DnU2B0PdI43Hpmu_nND-4JJN1XRg-hXOcFOh_Z_xxFGkYCJbBT5O7_G75_X7rKYuzsTy52iJR4BUDLE2wDnXqRkdRG28w2YHAnQnfApuHreaRX8jm-cthrVJaD8S862eN-e9d0mQkzoGUnvBlVkrvOXQRP0g6qP1OKzjspwFtOA8DyBUgWrHoas7c9J2S3CJG5VtNNiVuyUduxbTBisf9HCGYiZ7MLT5nv9uShCDa-fDniltU6SzYone3e5nH5jZbKmtVJS6joOHGLm6MfOK6ym8vLuRD7vD_Yx_37SBO9hjIMVdOnH5hWZXZaPZuQLab4Uc5qfnaolZd-XaCdbkKfjKU49GK073PPu9AunmppUo6fYm-q6JmFX-UCQeLQoxg9lt6mBOcfLPThdNzicg4z3usn342qlu9XKYK9yGnqXoFEmhf7Uq4WP5m4674jZF0W5p8ChzJowGntO6ksW55430s0wcqfe8XbEvvhyjRqRcN5yL6_n5eZzDfcMTxxHNGz0uGWW6tJVXS-qo0rDpnC-PPP4jLXpJi3GygbNu7dJic0wLJ_nbKHeaaJ21ZB5zZN51d3gAO1XyvBeoDPspTpkQ7TOWRNMnzDDqilNB0XiWpxBgN4g5lfSW1f35zKjjxBGYhP6EdCmUkcCnC-wD6T3ZaOxepwfZiiuSaMVUA06wTUomumR_8SuRvMt-5bpxpp9TT-xhXi4p86Rl7yWOzNv6EVDVEDimXEoaiq6Ej3L4yBIQ_qGfmYO6DaARmDJGpnWqIYGqA6qiUNTNCLRQ1tvw99gjQQHKa8Tgw0_gDUHXTmZI5dHSACmxs86fzgNJ9DCmvp8k8uZ9pdRcBpp7vlOzA93rQUuqaEb47haQHtT0QlGQreClntHlBeA8xDrFLxFtOXciKblsFcjVimpShB26A4CvmfLvL99_U9uTJzl87Lk5uj7cvdES0XbNGDslo--Gbk3Jeof3PyQrYSuEFQxLqwwt0BdgVMc3FV2Xu9urfJd8gKSF5N4h4QxdUt6L2GgR58YV4CaWohQDGZ4k2znAeUR1cQNkrZD3Gz9l0ylEgZl3w9Ko2lgyHF7WJ-2hZ9FjeZqvAMFBpg29oTbzit7c7sDnlGgXFhH-bBOJnDg3U33cjsWdS_-qSeKRlZUu9mOgN1Qm-LBv89I-6BtBWbXQgsSSupwUHJU5gTM5EtEzj7kDyDdTsxlPWgWcjdVTGAK5vIzdVVu0OpNckXsyKyj8LZ7hwD6DUQB18ujgXn9HVquq29-dDnZ8_HthsEKexfTP6g63wiByK7W93Z9mPEZ0x-yybHp8UvWuejndOp6F-0yZTDSsOhWUq42uRL2gvOsL_k51d8_0-LhMOX2SXxzM1bMuuifVXNMC3XC0rTfQF3IommGlh6Hkl0DnuKlzW7g0M1RQg0mzA9u7ha452Pe7PvA1qrq11yfxyC2ZQer2kqCIIKU_FRsz82l9Yc1fRA5_FbTJEtr6w5MyZlSCpt0ZErt6iOeEv7STN0qoFC-jnkmxq_IrukLYqPNXTA_fjmI4qeErZm65bMiTg0ysToMJJfxf5gtTV4DtNh8hvDGT-r2GepdxTObD27N-XQhWD9QcBx98WPWWesywJOgdozQzpvdAp4xASxoHh5NcwGuaUiCShb1gBjecBT7SWfgT_D8Uez1dYPsklq8hqroUkphyvZlf7Dc7bXgEIat8x7kJk6zZBgw1bgFjtMBCgA2V15JGwDgSL6NyS9_N433ZBdDP61Vn3RCWX1R0eLhDOR6r_kCndGstA9M0vQu7GBHicsob3OP0Y6PHJvzcbRjNi2ATRa9HVk0NMNVpHb5MdxVjNbB_CwfYb5kZofxpksED7Nri1jOjyuuqOPkaQ1Q2XQrOonvbq_ibxrTL8vMklNQPTBhmL6y_FQSnCcIky_Mr5Xha0F31Snkq1hZPKA5zGHxTnG_OwHaXl9kwrJ-YWW2q_ooQFLvELImGBNksfzUqgxxl0EcV-9zhGyRTk4qNAaCgVypEFTuY9NVvUqb8DAvk4RwtyvrFqhVbKt-e36q93WOFYCF0ZsLDjgejf1Wd1HC3CPRO_Wxez1p8frk1KY67KHYUiL9QeXyBBxWq4gcE7zHUPoXyFJUw92jZ-SG3-B7Wlw9GMp_thLogWYhit9ATdwr2ps5vXHWaYDgy_Im35wNAhYO-PAnXghhAv1UouMje5ulHEPfONHvYkd0KNGYyh0JCfGAU3TZST1vqO5oWiaOrGpfBWZrti5ilFTLEkM5RKYnZhJGoUCsWOsUab0BLp0obbf2Guf522Iw3CF9an-HG03IY-5T8oWWt3s80f7OcNrCtim3vYqtMcdf4HF4zGMY8Z5Yxjwtntn4Mx5YKYvIQOWZLonUyzNVyjUBtbhOqM0lUilVEtqpPa050xJiNLi25hfzguoeYiL989ErPZcMxzSAkbWd0Gug7NF4HDqJxVoz03KZcCkymJkbo0CIkMDrh5oqBdkIkmwJobsJhayXRkz2KdhIAM3DPvn9_4YbIQcXOwHVuDXRoVuSLD4v4umGDCUx3OHRB02YaDVzLTaetM-au2GnvnSiojJjMzh2zB-3qD1RnVcwu9rplIM0zFqDwH2Cbpe0dc9V8lRLjKB6O4rwBEYHIFw9TNUFb9mYnulETDjCPO5r_3hsezKMkZGQDclLXcqWjDTjZBKYdNTT2t_itnLxTB1GtRbwe6RLQM9BwvpQzPRYdrnaag1nIC0l_YSI8VH77MiGDxqRMWKf6XCeCxmtQ1cQKfpo60n-vOqdZONdU5eQnf-9g6WRs_52worTErGE4UuoHNgUmoJIeZ8NARORhfZGBPCrCYfd7dl7LlpRU_lR5rFh288ns&cid=CAASJ-RoyPhMcUGO_iGGEz0Ua7kEJzBDaP_PiI0ba17gWtgQ9_dJCVW_NQ&rfl=1%2Chttps%253A%252F%252Fwww.wdfxfox34.com%252F%240

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

663dc441949fc1cfcf5f42f2ab5835e0438bcc11f304a62001b13c566ea1b7f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34519
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 310A 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8J95e8Qd4T7yI9whz8OaJChfoLWUQlZyFbLW9Lwn0qQykGig4y45PgIQrBSRfyoNsjbsxRJkwps1-cm3lGV8mpIr2MQcwrxOGDcNUPRSfqCi8loo

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 310A 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 310A 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 310A 0
0 37ms
18ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTITq0NWpgJWLgMjOv7QyIiyvf658Yyb8UefTqFHBRSeO0TPqIu1yc8odbRZYC9RifOnZIS3EAH52YB2l0E75dpKMqOFw
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 310A 152 KB
46 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:17 GMT

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame A830 195 KB
60 KB 63ms
8ms Script
application/javascript 2600:9000:214f:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1193850/66084803/skeleton.js?bidurl=https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 614943
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 3-e4G4_6kdThCT-dftRcJMl_tUCnxgfa6X4gi6Eq2hLybQ_-lixE3g==

GET
DATA 200
OK truncated
/ Frame A830 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fab29c6db78f7b0055ef867fd206334b8e1e8178acbb498e74c75bc928d77bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 87CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVWt1dA3sE4ZfVOG7SGo_yNyqqLcaO-CuoXbLVh7oSv5nK_2WNGCTYZZstWPxeDWdi4P1nKvyjcDM0aiwYNq0uwiVnxWfrqbaiPGT_5BYQnWCRYmr14cUzS31o3Om02YVJ-xczatKUQ0EzubS4S_AwoBmiKn-KmbzZBuSQJRUvrc7vkfUk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 87CF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTSTW6X7d1S7Aj-fJ.ewAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVWt1dA3sE4ZfVOG7SGo_yNyqqLcaO-CuoXbLVh7oSv5nK_2WNGCTYZZstWPxeDWdi4P1nKvyjcDM0aiwYNq0uwiVnxWfrqbaiPGT_5BYQnWCRYmr14cUzS31o3Om02YVJ-xczatKUQ0EzubS4S_AwoBmiKn-KmbzZBuSQJRUvrc7vkfUk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxPw_ZFXGJLln7PerQIwbQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 87CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIwLhQ2hViLAR7jny_yP9II&google_cver=1

43 B
1010 B

14ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIwLhQ2hViLAR7jny_yP9II&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNVWt1dA3sE4ZfVOG7SGo_yNyqqLcaO-CuoXbLVh7oSv5nK_2WNGCTYZZstWPxeDWdi4P1nKvyjcDM0aiwYNq0uwiVnxWfrqbaiPGT_5BYQnWCRYmr14cUzS31o3Om02YVJ-xczatKUQ0EzubS4S_AwoBmiKn-KmbzZBuSQJRUvrc7vkfUk

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
AN-X-Request-Uuid: 45e2a17f-d1d2-4fb9-926e-cc8e55ae96e7
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIwLhQ2hViLAR7jny_yP9II&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87CF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

170 B
188 B

31ms
30ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:17 GMT
AN-X-Request-Uuid: e8a10715-53b1-49ce-b22e-c58f5c53f10b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AC6 36 KB
16 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/ Frame 7700 46 KB
15 KB 23ms
7ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bde350617f854641906a76f90a18eb9a882d9593fef80f234a2b49e59edfee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 82252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 14860
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 03:03:25 GMT
expires: Wed, 25 Oct 2023 03:03:25 GMT
last-modified: Thu, 20 Oct 2022 08:16:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A830 0
575 B 88ms
46ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS2TBGnBap7EswfDJi7eWXijZDnQZ28Inrxq3Bz2qiC5kPGMO-QoAysVMjcN-hkpl79Vu_dnRXWrzDv-XOeJl2SLcbmY3650BLN-2cGS5cpO2wXvftCWp-NtsjZIcWP08x8x3QC2Q7raLxtLpmGnWRCq039ms&sai=AMfl-YTmFDBaAbA2DeHsV-55BPgLQKqPX4U2L0DET4U0bCVP3MkKdTcjznvG4qdFqiQ0LmiRNWO8w_M3dz-2zKsyK0HSeG5FeM6GFTGfJVFqYKPtStFhMLOFkGx-25MOjw0k7GC8mQ&sig=Cg0ArKJSzG4WK861IAE2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&cbvp=1&cstd=102&cisv=r20221020.35679&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 310A 106 KB
37 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Origin: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 310A 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqpVDRxaeoZT4QOIF9pBYXEK51hrLOg5kE2CODUS0ltsP6Flf1ZDQb6UutPCHmejtsDiJEOCh1sGKCYfv7QP_ftaSXfg&cry=1&dbm_d=AKAmf-CgBf44dIArZUf1elOvc3am2ss1N0vJS2Zp2W0r8VGN33x2dVwVFaTu39kJ9Sahgg22x_g7scxMouppePLy_oqmOgRCGkxxM5BLYtPKahgwjewvNaNsxsCVeMjKJMKYHr2h1mOVwzeve3LnLqOiK215_8ahIMe7TGgQ1QgpGSzNulmCTDnysHQbiOLubjRyfjiPGMPiTIVj8e1sWLFoskwF0c-_mXFL-227bfJGHbQ6KpMt241-Nc_acvBGgrEPNUjstZgU5HyX4jHFdKcBjZYmafoBpeZHuoqiNcN6-8GFIk4oSIQwufpIs46LhYTn8Z6WstfYLfGq-Bf9HCIMDUKo29_T4JMU8DYOhqpbtYk9W2DRoRfuMz4oAVsvXNxCl-4FhfnGUiVJsNUpMB7X7fU4ngeoH-p2cCR4tpFtsevglcQoVwxk588AIXJg24yey_77hdoApT8DQvIH8qx5rvp7RgL25ytb0fxizMkLvXKoXc3MvNa_2_t2s_qg846vDLAP3_5DnU2B0PdI43Hpmu_nND-4JJN1XRg-hXOcFOh_Z_xxFGkYCJbBT5O7_G75_X7rKYuzsTy52iJR4BUDLE2wDnXqRkdRG28w2YHAnQnfApuHreaRX8jm-cthrVJaD8S862eN-e9d0mQkzoGUnvBlVkrvOXQRP0g6qP1OKzjspwFtOA8DyBUgWrHoas7c9J2S3CJG5VtNNiVuyUduxbTBisf9HCGYiZ7MLT5nv9uShCDa-fDniltU6SzYone3e5nH5jZbKmtVJS6joOHGLm6MfOK6ym8vLuRD7vD_Yx_37SBO9hjIMVdOnH5hWZXZaPZuQLab4Uc5qfnaolZd-XaCdbkKfjKU49GK073PPu9AunmppUo6fYm-q6JmFX-UCQeLQoxg9lt6mBOcfLPThdNzicg4z3usn342qlu9XKYK9yGnqXoFEmhf7Uq4WP5m4674jZF0W5p8ChzJowGntO6ksW55430s0wcqfe8XbEvvhyjRqRcN5yL6_n5eZzDfcMTxxHNGz0uGWW6tJVXS-qo0rDpnC-PPP4jLXpJi3GygbNu7dJic0wLJ_nbKHeaaJ21ZB5zZN51d3gAO1XyvBeoDPspTpkQ7TOWRNMnzDDqilNB0XiWpxBgN4g5lfSW1f35zKjjxBGYhP6EdCmUkcCnC-wD6T3ZaOxepwfZiiuSaMVUA06wTUomumR_8SuRvMt-5bpxpp9TT-xhXi4p86Rl7yWOzNv6EVDVEDimXEoaiq6Ej3L4yBIQ_qGfmYO6DaARmDJGpnWqIYGqA6qiUNTNCLRQ1tvw99gjQQHKa8Tgw0_gDUHXTmZI5dHSACmxs86fzgNJ9DCmvp8k8uZ9pdRcBpp7vlOzA93rQUuqaEb47haQHtT0QlGQreClntHlBeA8xDrFLxFtOXciKblsFcjVimpShB26A4CvmfLvL99_U9uTJzl87Lk5uj7cvdES0XbNGDslo--Gbk3Jeof3PyQrYSuEFQxLqwwt0BdgVMc3FV2Xu9urfJd8gKSF5N4h4QxdUt6L2GgR58YV4CaWohQDGZ4k2znAeUR1cQNkrZD3Gz9l0ylEgZl3w9Ko2lgyHF7WJ-2hZ9FjeZqvAMFBpg29oTbzit7c7sDnlGgXFhH-bBOJnDg3U33cjsWdS_-qSeKRlZUu9mOgN1Qm-LBv89I-6BtBWbXQgsSSupwUHJU5gTM5EtEzj7kDyDdTsxlPWgWcjdVTGAK5vIzdVVu0OpNckXsyKyj8LZ7hwD6DUQB18ujgXn9HVquq29-dDnZ8_HthsEKexfTP6g63wiByK7W93Z9mPEZ0x-yybHp8UvWuejndOp6F-0yZTDSsOhWUq42uRL2gvOsL_k51d8_0-LhMOX2SXxzM1bMuuifVXNMC3XC0rTfQF3IommGlh6Hkl0DnuKlzW7g0M1RQg0mzA9u7ha452Pe7PvA1qrq11yfxyC2ZQer2kqCIIKU_FRsz82l9Yc1fRA5_FbTJEtr6w5MyZlSCpt0ZErt6iOeEv7STN0qoFC-jnkmxq_IrukLYqPNXTA_fjmI4qeErZm65bMiTg0ysToMJJfxf5gtTV4DtNh8hvDGT-r2GepdxTObD27N-XQhWD9QcBx98WPWWesywJOgdozQzpvdAp4xASxoHh5NcwGuaUiCShb1gBjecBT7SWfgT_D8Uez1dYPsklq8hqroUkphyvZlf7Dc7bXgEIat8x7kJk6zZBgw1bgFjtMBCgA2V15JGwDgSL6NyS9_N433ZBdDP61Vn3RCWX1R0eLhDOR6r_kCndGstA9M0vQu7GBHicsob3OP0Y6PHJvzcbRjNi2ATRa9HVk0NMNVpHb5MdxVjNbB_CwfYb5kZofxpksED7Nri1jOjyuuqOPkaQ1Q2XQrOonvbq_ibxrTL8vMklNQPTBhmL6y_FQSnCcIky_Mr5Xha0F31Snkq1hZPKA5zGHxTnG_OwHaXl9kwrJ-YWW2q_ooQFLvELImGBNksfzUqgxxl0EcV-9zhGyRTk4qNAaCgVypEFTuY9NVvUqb8DAvk4RwtyvrFqhVbKt-e36q93WOFYCF0ZsLDjgejf1Wd1HC3CPRO_Wxez1p8frk1KY67KHYUiL9QeXyBBxWq4gcE7zHUPoXyFJUw92jZ-SG3-B7Wlw9GMp_thLogWYhit9ATdwr2ps5vXHWaYDgy_Im35wNAhYO-PAnXghhAv1UouMje5ulHEPfONHvYkd0KNGYyh0JCfGAU3TZST1vqO5oWiaOrGpfBWZrti5ilFTLEkM5RKYnZhJGoUCsWOsUab0BLp0obbf2Guf522Iw3CF9an-HG03IY-5T8oWWt3s80f7OcNrCtim3vYqtMcdf4HF4zGMY8Z5Yxjwtntn4Mx5YKYvIQOWZLonUyzNVyjUBtbhOqM0lUilVEtqpPa050xJiNLi25hfzguoeYiL989ErPZcMxzSAkbWd0Gug7NF4HDqJxVoz03KZcCkymJkbo0CIkMDrh5oqBdkIkmwJobsJhayXRkz2KdhIAM3DPvn9_4YbIQcXOwHVuDXRoVuSLD4v4umGDCUx3OHRB02YaDVzLTaetM-au2GnvnSiojJjMzh2zB-3qD1RnVcwu9rplIM0zFqDwH2Cbpe0dc9V8lRLjKB6O4rwBEYHIFw9TNUFb9mYnulETDjCPO5r_3hsezKMkZGQDclLXcqWjDTjZBKYdNTT2t_itnLxTB1GtRbwe6RLQM9BwvpQzPRYdrnaag1nIC0l_YSI8VH77MiGDxqRMWKf6XCeCxmtQ1cQKfpo60n-vOqdZONdU5eQnf-9g6WRs_52worTErGE4UuoHNgUmoJIeZ8NARORhfZGBPCrCYfd7dl7LlpRU_lR5rFh288ns&cid=CAASJ-RoyPhMcUGO_iGGEz0Ua7kEJzBDaP_PiI0ba17gWtgQ9_dJCVW_NQ&rfl=1%2Chttps%253A%252F%252Fwww.wdfxfox34.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 310A 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7700 57 KB
23 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 01:54:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E51 0
0 45ms
44ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyG9fkrDPmUOhi3oZeYeZtwa1dzmU1rKMJXYVEO7Sb-1wXYQhTSA3yfq3U2GygcMokEjpfVlo0M7iZ4RRapezoN5Hbb4k6tQ9b9d0OBhnjlBezt5DqZgO7nDnJt6cZamqRj2zZj1NU3JkMX5RJh9MPxPVpobK-8h6TyrqDB_ei6P6k5j6bfhIAwOD-KT0lTnLnRnw7DGCb01_aryDoIWBeK_o1bJzoGu8cdCrJeu6YuS4KL5krErXBAhvCAZtGes64-1rGIkCJxivRQtz72v3Nrfct8flMbGVH-X-I8d1-KNVQA-aJoX-MI67SrBitw5PX2H1fczLiF_9uu5T1OHg8ICpxl6THSoVhB0-lLtMpxoV2&sai=AMfl-YSarVLd7EjC_O1F7p8yVcXAi8Kdr98rSYfZQ2x66g_-akjMaWXHh9BW1PiA9dhDIjyg_5p7-iFZxV_1CFxRmTAyIqauh4ozMB_Qp-mG830RhQc3XiT1F9gZBnsZpuSnryPL3w&sig=Cg0ArKJSzKBwivMr2FyOEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 0E51 3 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E51 152 KB
46 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:17 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 0E51 8 KB
4 KB 100ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723577&splc=/43459271/loc-desktop/wdfx/web/homepage&adu=21957033208&unit=728x90&btreg=6084843041138400723577&btadsrv=6084843041138400723577&ctx=19955922&cmp=DV451308
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:17 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 14:24:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80e87b37ebe6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 6817686048859179149
tpc.googlesyndication.com/simgad/ Frame 0E51 399 KB
399 KB 22ms
20ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6817686048859179149

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8ccda5a81c56c18831f5aa90492d71cdd5bcefe1b31cd24b5034bd95cb7f0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 23:36:07 GMT
x-content-type-options: nosniff
age: 526690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 408465
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 13:44:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 23:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0E51 0
0 21ms
19ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJ2UnijX91E2MGLXQIjlbW1BVZp14ir_lEDevZTQXjULCDgDCWQMoZm3QQBkNGe3MY9Yjwd1jqONjGy2Dz8YGHXUKP7w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0E51 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 026fb0433bda36da5bd8cff595b3038e678cfb223ac88d8e0574fe263842322b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 310A 41 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
DATA 200
OK truncated
/ Frame 310A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f80c5a66e08c5cbf80323292dc237ee1f74266629dcb384b6850d2a69573d37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mr.jpg
s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/ Frame 7700 31 KB
31 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/mr.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e38e70c5bbfbce6252896b6282550de04391bd6341899d4236a7714f9baef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4808050399242289082/MR_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 05:36:31 GMT
x-content-type-options: nosniff
age: 73066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31505
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:16:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 05:36:31 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/ Frame 98EF 6 KB
2 KB 15ms
7ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 473615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1926
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 14:20:42 GMT
expires: Fri, 20 Oct 2023 14:20:42 GMT
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 310A 0
27 B 73ms
53ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstezawjre1Beyw8tE9CSW-qrvtN9c89O9XKmx6AHejaBV9qjJ3glp571yXPX3nYbxmb420TFeLJo1b81wONEeH8m-j_4_8vdmDa3s7VF_LqFYmYNjAHeb-wwwKiQ6vpVK3csq5ZcWXQi1OnNKK3p0kTDsVh-L1lhbM9CokpvNdu8rCJbWr0aKsLfe9xB_bDZYwHoNO3wPdo7EAuNvAPmOSyrwGoqBc9aSdXRLXStaY9q66FMYyGVUrKxgvd_pi9sbItHq93-GbnVVWD4DsFTDG0NSucS8xVYT0UdyPEgW1xqVSH8UeTd3tuNHYjThGDl2-1NHArkMqds6B_4WRnp6XqZkmpUUWdlm8ouKLm5quPgXtzRLxy9m7B8ylb0sNy_ZPUg43DyRt0lPK6DaPDh1F3Ja8lt5PHxwCRLcSnXlqCKCI6l0WHIPNXrUmb-DaUVmySTvXZp6fS5Pgk9Y_rZR0hu_G_31dgAZsa3pgHH5vXORatZwO34saXbRdEQ3pWjdtnlVAA4mEUBrSGUQ7COM07Fnn6OMCb38tkh_49IlJ9E3JhV-OtDdv7cQ5IrG9Zt9j81uz3pDnf2evDqD1GwKQKTy1eGOtbjiTO0CutortVca4oQVJrffLCteg5VUpCJnCJxq0jfTNM6xPJN-EKi3UPEIa_7PT5ZEnKkervFzKCGmPX4xJEt-4ROmVjVxISstcYqMo0_7MQoCGeMCXeKpD-8bi_6ez6UehOVEYKhDReLS-3ZCYaXci0JHfNyGdLl0o6nHC2xMazDqyL9gNmFMg6lyQMKhTo8e81OGgbNj9N0huxFj6sfs2OrgcUO2vppWUNjAuaAwNC4Tj6eAbzInPhsAoIdoJYNbJ4pzBIhfLbeZYrnyhaCVjC4UaD_NgEh4ZfaGm8fvtombxurpcKdjCkEHY5a949NUJID5-PO3gw2UBi4wch2YSTBN2ETodvrUOZBZPcM4v1a3kX50w0EIZmwwrdxcLQiLu73qmop1itLxKv4fOAaICwpPHheFzzuN8zs9UfXdPYVLn2mfsKj1mWJOS-DEjDEaLfFEXsnjqgadkLRP0IIMWOorkK-og92LCrYdAuArPu_80N3mAR7H5gJ6Pbw1AYmZ7KeOwXBneWnIrCnz-s8Ro6mVtEJghd4Wzd9hdtSIGgENW8i80mVonB0IeyenCfM-46e6sbcWOIe-4OiYerM84GS-DJN7A8qonusnFtk446_tDzAPMiFq6_1mINGQP8h9ebnr9vuSrxgJEio1TJtZU_f5aVsYTTP0U5FCSVuIqSHsox5u5k60I5LGTJYeYoxN8KE9iniVFeHq0&sai=AMfl-YTdzwBSWSvqXl820u0_8KPuwNFKvV0EOHTnVkveXzt0BESVYY3zDHMQ_DQ0N-9F4_WU6VS-pZwjlJ7FlpAo3TkZ99Jc-3lHexPXVeeN3SjXiyJfmt5wX5daZDIBOsAKo9YDo-1fZVs7xa4OS9OLMYu5aNCMdcL2HgFbOOq98E-Vl89arnSJ8J5l2BuESQs5Mj3gZ5Pfh93S9xoNSWgSoWY_5DeBHlv4BJtN&sig=Cg0ArKJSzO-Vokg9SiF0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=128&cbvp=1&cstd=126&cisv=r20221020.11933&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:54:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame A830
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1193850/66084803/skeleton.js?bidurl=https://www.wdfxfox34.com/&adsafe_url=https%3A%2F%2Fwww.wdfxfox34.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.wdfxfox...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

8ms
8ms

Script
application/javascript

2600:9000:214f:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10108399
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: i4kV1zMEasuKT9d1UL5uRTkIB5Ch9OLyS80l3a9SdORn-1Gz6LwgJQ==

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:17 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B484 91 KB
23 KB 8ms
7ms Script
application/javascript 2600:9000:214f:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2974681
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: H2pGojz30RuxovcDhE0Rjae2x1KhA0H205f-itz6aK2_LpIQkl20jA==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2695 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5521 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Thu, 26 Oct 2023 01:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0E51 0
0 61ms
43ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuBaoB4zGKm8arDWa2KF91TtazV6MDxWV0GxGj3b1zn4oJxJNSgO_L4bo6AOxJHsA393kSS3Te2XyE2ZFxpQAUqCJxjF0LVPZ4v6UbGFNDsZViz9I91sEzxzumcGHZMAJ0mVSPc8fkXoglGEVFpi6tAZUV0JP8lxXHQI-1OpoNd1ECd4vWJ-zB9eqdbps-5jsU0jZ3oJIk2PBxGAPYslf1TiI7LL1T4svufKSjqaGVtiHXxLqcFujPg8roV9VuH7IRXOIIx_I6mF4PMLSX_aKKHgPnBZxpxqy_6fmzqsLd1kVpbcdJBrNz-jQAVxjOo0C2pBzCLvjtEDzsQAbLHgPCqzbR67FV&sai=AMfl-YRKvRnzniwUilOrFPDzPyWHnBjV0Vx2mX7_oR561vhdNd3Z__Nigs-GYmagpB3xFH9dGYUJBQyKBnUZKaorVMTKqs1V6bbLp4HZhP9--EMTv7w3oyJEQm4fqz-cjONm3NuuJg&sig=Cg0ArKJSzMa6XY6b31aJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 98EF 60 KB
24 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/ Frame 98EF 2 KB
781 B 8ms
7ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 22:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359596
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 752
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 22:01:02 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A830 43 B
215 B 332ms
92ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1193850&asId=6979b58d-6ac2-637f-76c8-5e014fd9271f&tv=%7Bc:s6VoYX,pingTime:-3,time:322,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:236%7D,%7Bpiv:0,vs:o,r:l,t:321%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:322,n:321,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:236,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B99~300.250%5D%7D%7D,%7Bsl:o,t:321,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlky1FT+11%7C12*.1193850-66084803%7C121%7C1221%7C123%7C131%7C132%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:237%7D&br=c
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A830 43 B
215 B 330ms
93ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1193850&asId=6979b58d-6ac2-637f-76c8-5e014fd9271f&tv=%7Bc:s6VoYY,pingTime:-6,time:323,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:323,n:321,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:236,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B99~300.250%5D%7D%7D,%7Bsl:o,t:321,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlky1FT+11%7C12*.1193850-66084803%7C121%7C1221%7C123%7C131%7C132%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:237%7D&tpiLookup=ao:www.wdfxfox34.com*&br=c
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A830 0
26 B 46ms
46ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS2TBGnBap7EswfDJi7eWXijZDnQZ28Inrxq3Bz2qiC5kPGMO-QoAysVMjcN-hkpl79Vu_dnRXWrzDv-XOeJl2SLcbmY3650BLN-2cGS5cpO2wXvftCWp-NtsjZIcWP08x8x3QC2Q7raLxtLpmGnWRCq039ms&sai=AMfl-YTmFDBaAbA2DeHsV-55BPgLQKqPX4U2L0DET4U0bCVP3MkKdTcjznvG4qdFqiQ0LmiRNWO8w_M3dz-2zKsyK0HSeG5FeM6GFTGfJVFqYKPtStFhMLOFkGx-25MOjw0k7GC8mQ&sig=Cg0ArKJSzG4WK861IAE2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=364&vt=11&dtpt=258&dett=3&cstd=102&cisv=r20221020.35679&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame AED7 545 KB
105 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A830 43 B
216 B 295ms
92ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1193850&asId=6979b58d-6ac2-637f-76c8-5e014fd9271f&tv=%7Bc:s6VoZy,pingTime:-2,time:359,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:48,bdZ:209,beA:235,beZ:236,mfA:454,cmA:455,inA:456,inZ:460,prA:460,prZ:466,si:472,poA:473,poZ:488,cmZ:488,mfZ:488,loA:559,loZ:561,ltA:594,ltZ:595,mdA:237,mdZ:307%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:236%7D,%7Bpiv:0,vs:o,r:l,t:321%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:359,n:321,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:236,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B99~300.250%5D%7D%7D,%7Bsl:o,t:321,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlky1FT+11%7C12*.1193850-66084803%7C121%7C1221%7C123%7C131%7C132%7C14,idMap:12*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:237,sinceFw:121,readyFired:true%7D&br=c
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 95EA 624 B
297 B 23ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY5v2bvQEwAQ&v=APEucNWdfvXSdrkjDqUYyaN90ZOY4EX2jbKoiqkIZEZ84rntTrVsQppEj6W0NKH-m5AQ6rYFYNXpVc0C0DC_z-qwbD8VQGFLahFsmMk_h_U86bYf49xVGtPFLfuX7yBRL_I4dsSLj2h0FxYZMttK8D0dpjq0ORNhdqY1EfbOTysOdNEt5WU0sbM

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5521 86 KB
35 KB 75ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5_SiY1Jgw1Bq_TlHghmNoQ_xAgaDWKYfussXalIRPzuecyUKEe_vB_2i1QGutIOax6cNDyujUxDv2kQdPKxJK0_8TKwT9rA4IqiLDE2eocLJgbUEimS-b63vS-y5JEZ_pG5iBpFER1ljhzFWJeQ7ZZUiNdSiCJWZPgjEhortZcSVWsE0&dbm_d=AKAmf-A6b0aysGOv4ewTdL4zuGPcvxhJwYQ0K1jLZ3RtaOofw2PxWBopXEM1v6o3rw8CZJi96TS9MtzoBSk7QKCAaW3o8EmSwNo2_kJaHiCztW4fyi2RjMgWt7GARpZGvTVp5pS_xC3Cgnuh3qQVg0GdW879xu4Vm2A5EHPa3KRC-lNLeizXpErKq_3dM8-NguzFcEEnuPRMKv1JQZqKt1ULUYNskhdI1Pf6Uu8KFCXeC971tf6kq1HwNI1ZhI2j82-b6XonO_o91MpKJm6CrLN0Z6UCetOWg9PiwtluRdsXOar2r28ChRyiJ_iDohCP8gVEK4MryT3ORr4VSDIqPIcPgoxMNbYDtE2itn2Lw_B2hKH4HfKB-S6xEOsfsarajd5DaPHLM8QFlfgiuodG2D-CfdN4rB1RCiN9_4pDySIzO5RHv21VB72_BzpGoj_HzY6TxFKEcb1RefrsxZKBKJthDeggqFvtEJtRoOFwdSenlADYGPGanfHYwvS0o_HNv5PIBbATe7OSIVw6O4OEnkXYB__b9V4E1ZxTUVARtziEkKkElJhxPcrQxkij0pO1wVQSKLs-WJFkB7wS9L4gJhYvV38nI0NzN7TeHFnKzIPtIva9UEkNDf5u6RqsRoKXqD7gWyWX4pN4omrcxUatZu_u4HDw-RZmDgpbmwHOVvGNrTYYmV2RIz9OGVXR1ZaZRhcEYGWmQ8cb4zX1gc5dk1BS8iTxV-Vgz7LAvGNYhhXRvD7EDWyOm_tDw_z0znTaB6DkorQ4ymADPe1yLB5FT9QfCUdqFBGPh0uBjrROTuf6N5AaDFddsm9lkK_8P1diE-60sKFupg62m3DSXK-kV4BP0lUvxy9fYpJgKDkIa2dmuAaZpC15HS8n_EGIjCfjU1pHSsFcQ0NLaONK3Ag888d34L9ER2rEWTshiR1YKywmAh84Clu68GjCCypj900P9BiijAiW7E1NwtonmN3vf_Tj-EIROPPd-o0iJv2NQS-oMXvHQ_7tIsBWycSYiNDSRBwl1zPVn1vLamMtGpSjrp3DADKvXkssGaAQ7LpLjtGfSPOPsHMbPAcy_oSssrwdObXkf8maPmSD7Oe1hBPitWHIO7uhJ_hJ2tP-_CPxijcGuQtaAVNyoksmZ6yWKUKZlAU3JAOR-sHP2rKEz7Z86ziOhAkI3rQ0T8WLIzX9XemHdRmBNs4OwND3YD45gS5jy5PzSaCLKvn3uJzNEkZDL8n8oyws_e44_ZAQpeSGTjj8GhSaqsCgHH8S1kWNHS5OyYnaIUc-oWZ62bv_1S36qS-gMc5Ep6Qf2LcGcUy-a6aU2hSMLnL8u3SdTzgxtzNRccuvf1QmvSA7FGi87JjyKsLm-kxHzggpEllcd-KYMswh562ZYapWJ-mMxuvzWxXphx7fXf2nnCmM4J0hrGC4xK4HmEBAspnBqt_p84SL5J-m5SJCF7bUw6NXrF5EUm8tvK5kp1W3NxDWTfPzIypb1YU8mEp8d6eTe-BhuePhrsf2bjm5QVoYubYtIg3ko8cElGiLB8SQgXm6cm7YjroEFUbWWPPGZBHGlhxtkX89wAtLP9tihKNn-jftybtATCFxEGyiZ2t0PvnAJt04MitsZIV84t3rOb19yxAHzcCAx6XNmXpD3htO9wp8yTmZ0sj6GYzOJgWlTXBJ5bvxTU343qG3_-JMn0JIpS7LbAAPqVPwwXvb8Qo98OBl39XJKgXG6nUSZWlHgFAI6KnMyvMks6jiGssu2N6IM9wJNTeKjQUSLdmAAS2hFZkRuzyBEONDfb69gAWBp9eVnxtrCUnBMTU3qwpmZSCv5uKkqeJrwpRWUIef-9Jrs9bt4xguCmthJhKqewvytf8jbwy2l25l_nWgfWZC5I9UWV-L7KCG9HknBfjHiFyYjkr0dy-y_OikYoR8UfrNpz6Wxg4WugVUSjPF7oADE0xZbxv9huFWkrrac3ETIZwLU0nUMKM1fCj8HOP_wWXJUPC90eDgvwhWIeKNWs3tZdCXHV2HV7EqGfXTuL_K3w3uxx_FRYJklXrfoOgbhPMaewjITuVk02r98mkNX98rb94HhZWPx2YKtrh_GqU99jrkdzuxeSrrS7ZE1Ut8pVwszk2pJ0xYwh0NmMKmdxrLg7-sHAjaz-ikDNOO1y3hV3BNtcCezZysbPm0cp4DpF3RiZX8RLirBia4iMnmrEVgrftTdrW7ZhvttExnFOsw3qABkCJWe7WrArxgvChRUCZUThwjduj5sWG34BKcQsJEdVHuGep2Y_K0wDbhFJPa2UuhbXMdmEewhF0waJpEyHbgL2_Xo3nW99MCY-zudIJ9vtadlEbsGjaIJdekobPviLZ_JC4mKAYYz0jfU3-y0s1KYxLzZLheEUXZe_QtTqhlrpQBckw2PWPfyFAFk1sAsc9qYYtPBM-slO2BlrvsYEKlAci4PSavNtm-O6IEqruzWwKBTDQMXl77XQGiuG4DSHn9Ryn34VYpj0MmKY2luvpTo9f8AeqOBs93kyGsI1TMV4LtdZWrg0tSoFZiEZJQnylPse-Axi_zJWtB1BpEr0ihQHHcKqS8jO-IEi3JPAD0UPJLzmgYlVnGDHRQG7Mhk_njvgvkD8EjWV0ibBPNR9XRwhoX-3XZw9MYu9NY3cWvPMjVHNcNLQExxXgBAh4FupigG0bXHwHPF1THGzCI3op34JHm76LDImAPYPm1dNAt0jIbkBiwqEmDXqM6UknIPS_vwEOk0WpLo8EuermeYzRmqYaeT6nCzlYyJo_e1O0qvno7pINkjKtgADbQ79IckBZlNQkUc-d7aA8v_5aLYx0-wDzPnnvGFuXl7UaC7T8mD1AuM2TECuffSc2VGKQ_0lSGF-PfDJjUhv6W1-2r0xH3xTKEb9_dTKeth81GJe48HJVcIIJNMNlCI454FRt8LNcv7sgp5ZcVcFEd0TicT41CbWXFd0xBgLMfrjPi-XPkTWuoctS-89_BB-SywnKjp9J4YHAj33sXpmQHHXzlSQlh0tv6QuAaKnzdE-wg4CgUNXvuvyRokE9UZyt1wUooXBdJK8HX3AfIojDfutUisDMq5vBHidWSFSjZB-VUaO0Rk-6NYEnRNaBCplIgQaEKuFvsQI5NJdUR5AuOn3drCmP5LEL2qfbSadqIckvZ2_IUbO4t6aYME5k82JQa0GINaIYjx58a_Yc8eTlwbDmGyXIZAUUTP5x6uVr7HZguGRLfPEA7VDF619unm7xCrfDQM3-Gg4f59tuK8Vk2jKSTOXazaNzSH8E6EgtOAcDkfClcRTDcWA&cid=CAASJeRoH_CE77HTdPBzst8ID-qUqTeL7QTTj62OipKdX8ZmyFB7TGg&rfl=1%2Chttps%253A%252F%252Fwww.wdfxfox34.com%252F%240

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc816dcbd0d2dc5933a188c0f874ef3698faf2055b31257a60d674ff3094f289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35732
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5521 42 B
63 B 44ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGB2xoBlUKg_LqEhWY4XAIEHSvMutJJDHLjf12vBR3eBJPzq84rfLgmYGrC_SSAgk9h61KkaI6D27dFpEMwb9DY-friXU3rUWQUVmi7_vufglKvqE

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5521 47 KB
13 KB 36ms
32ms Script
application/javascript 34.247.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18513647035&pubId=1&placementId=396820198&adsafe_par&bundleId=&dealId=&bidurl=https://www.wdfxfox34.com/
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 166f9bd5d8c93bdfc91002d46927dc2b45fb013ce0ae5fcc09eef85bb52631b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5521 3 KB
1 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5521 17 KB
7 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5521 0
0 20ms
17ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK2TKpJxCVNll3yiNhSm1mlWI5zyP3gFeHtMIsVu2OpcALbSD8tap9_qiOZpCQPzlNkri_D6h1aix_zlrCiIZOuO_9tA
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5521 152 KB
46 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2695 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 95EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY5v2bvQEwAQ&v=APEucNWdfvXSdrkjDqUYyaN90ZOY4EX2jbKoiqkIZEZ84rntTrVsQppEj6W0NKH-m5AQ6rYFYNXpVc0C0DC_z-qwbD8VQGFLahFsmMk_h_U86bYf49xVGtPFLfuX7yBRL_I4dsSLj2h0FxYZMttK8D0dpjq0ORNhdqY1EfbOTysOdNEt5WU0sbM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 95EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTSTW6X7d1S7Aj-fJ.ewAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY5v2bvQEwAQ&v=APEucNWdfvXSdrkjDqUYyaN90ZOY4EX2jbKoiqkIZEZ84rntTrVsQppEj6W0NKH-m5AQ6rYFYNXpVc0C0DC_z-qwbD8VQGFLahFsmMk_h_U86bYf49xVGtPFLfuX7yBRL_I4dsSLj2h0FxYZMttK8D0dpjq0ORNhdqY1EfbOTysOdNEt5WU0sbM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHzt_MTC0HW17bU7VDwvws&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 95EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGFrUHYg5HJ4eeFPQvZjOrg&google_cver=1

43 B
1010 B

15ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGFrUHYg5HJ4eeFPQvZjOrg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY5v2bvQEwAQ&v=APEucNWdfvXSdrkjDqUYyaN90ZOY4EX2jbKoiqkIZEZ84rntTrVsQppEj6W0NKH-m5AQ6rYFYNXpVc0C0DC_z-qwbD8VQGFLahFsmMk_h_U86bYf49xVGtPFLfuX7yBRL_I4dsSLj2h0FxYZMttK8D0dpjq0ORNhdqY1EfbOTysOdNEt5WU0sbM

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:18 GMT
AN-X-Request-Uuid: 8f50d8db-128a-40e0-b936-c33d2e872ba6
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGFrUHYg5HJ4eeFPQvZjOrg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95EA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

170 B
188 B

21ms
20ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:18 GMT
AN-X-Request-Uuid: a714f850-4271-4ec7-b29c-9fa79d0fa755
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTkxODM4ODQ5NDYxMjcxNg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 310A 0
26 B 45ms
45ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstezawjre1Beyw8tE9CSW-qrvtN9c89O9XKmx6AHejaBV9qjJ3glp571yXPX3nYbxmb420TFeLJo1b81wONEeH8m-j_4_8vdmDa3s7VF_LqFYmYNjAHeb-wwwKiQ6vpVK3csq5ZcWXQi1OnNKK3p0kTDsVh-L1lhbM9CokpvNdu8rCJbWr0aKsLfe9xB_bDZYwHoNO3wPdo7EAuNvAPmOSyrwGoqBc9aSdXRLXStaY9q66FMYyGVUrKxgvd_pi9sbItHq93-GbnVVWD4DsFTDG0NSucS8xVYT0UdyPEgW1xqVSH8UeTd3tuNHYjThGDl2-1NHArkMqds6B_4WRnp6XqZkmpUUWdlm8ouKLm5quPgXtzRLxy9m7B8ylb0sNy_ZPUg43DyRt0lPK6DaPDh1F3Ja8lt5PHxwCRLcSnXlqCKCI6l0WHIPNXrUmb-DaUVmySTvXZp6fS5Pgk9Y_rZR0hu_G_31dgAZsa3pgHH5vXORatZwO34saXbRdEQ3pWjdtnlVAA4mEUBrSGUQ7COM07Fnn6OMCb38tkh_49IlJ9E3JhV-OtDdv7cQ5IrG9Zt9j81uz3pDnf2evDqD1GwKQKTy1eGOtbjiTO0CutortVca4oQVJrffLCteg5VUpCJnCJxq0jfTNM6xPJN-EKi3UPEIa_7PT5ZEnKkervFzKCGmPX4xJEt-4ROmVjVxISstcYqMo0_7MQoCGeMCXeKpD-8bi_6ez6UehOVEYKhDReLS-3ZCYaXci0JHfNyGdLl0o6nHC2xMazDqyL9gNmFMg6lyQMKhTo8e81OGgbNj9N0huxFj6sfs2OrgcUO2vppWUNjAuaAwNC4Tj6eAbzInPhsAoIdoJYNbJ4pzBIhfLbeZYrnyhaCVjC4UaD_NgEh4ZfaGm8fvtombxurpcKdjCkEHY5a949NUJID5-PO3gw2UBi4wch2YSTBN2ETodvrUOZBZPcM4v1a3kX50w0EIZmwwrdxcLQiLu73qmop1itLxKv4fOAaICwpPHheFzzuN8zs9UfXdPYVLn2mfsKj1mWJOS-DEjDEaLfFEXsnjqgadkLRP0IIMWOorkK-og92LCrYdAuArPu_80N3mAR7H5gJ6Pbw1AYmZ7KeOwXBneWnIrCnz-s8Ro6mVtEJghd4Wzd9hdtSIGgENW8i80mVonB0IeyenCfM-46e6sbcWOIe-4OiYerM84GS-DJN7A8qonusnFtk446_tDzAPMiFq6_1mINGQP8h9ebnr9vuSrxgJEio1TJtZU_f5aVsYTTP0U5FCSVuIqSHsox5u5k60I5LGTJYeYoxN8KE9iniVFeHq0&sai=AMfl-YTdzwBSWSvqXl820u0_8KPuwNFKvV0EOHTnVkveXzt0BESVYY3zDHMQ_DQ0N-9F4_WU6VS-pZwjlJ7FlpAo3TkZ99Jc-3lHexPXVeeN3SjXiyJfmt5wX5daZDIBOsAKo9YDo-1fZVs7xa4OS9OLMYu5aNCMdcL2HgFbOOq98E-Vl89arnSJ8J5l2BuESQs5Mj3gZ5Pfh93S9xoNSWgSoWY_5DeBHlv4BJtN&sig=Cg0ArKJSzO-Vokg9SiF0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=354&vt=11&dtpt=226&dett=3&cstd=126&cisv=r20221020.11933&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 txt1@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt1@2x.png

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:12 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2563
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:12 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo.svg

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:20:40 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 33 KB
33 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg1@2x.jpg

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:12 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33919
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:12 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame AED7 694 B
700 B 207ms
12ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=97&ttfrms=24&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH57I7%40Ibc%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH57I7%40Ibc%5D4%40%3ETar9EEADTbpTauTauHHH%5DH57I7%40Ibc%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=11&ddur=104&uid=1666749258182306&jsCallback=dvCallback_1666749258182451&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wdfxfox34.com%2F&fwc=0&fcl=443&flt=1&fec=925&fcifrms=5&brh=2&sdf=2&dvp_epl=154&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138400723577&btadsrv=6084843041138400723577&adsrv=104&unit=728x90&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723577&splc=/43459271/loc-desktop/wdfx/web/homepage&adu=21957033208&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7294792919.325279&dvp_tukv=563329684734.5745&dvp_uuid=256939850857.4875&dvp_tuid=10331838208
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: a760eac775225e6c4455d998c1e7b48e048c509ada10e4b52edc8e9e5b052e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:18 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/25/2022 01:54:18

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_whirs&c=sf&s=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7D9 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wdfxfox34.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:17 GMT
expires: Thu, 26 Oct 2023 01:54:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5521 170 KB
59 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Origin: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 5521 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5_SiY1Jgw1Bq_TlHghmNoQ_xAgaDWKYfussXalIRPzuecyUKEe_vB_2i1QGutIOax6cNDyujUxDv2kQdPKxJK0_8TKwT9rA4IqiLDE2eocLJgbUEimS-b63vS-y5JEZ_pG5iBpFER1ljhzFWJeQ7ZZUiNdSiCJWZPgjEhortZcSVWsE0&dbm_d=AKAmf-A6b0aysGOv4ewTdL4zuGPcvxhJwYQ0K1jLZ3RtaOofw2PxWBopXEM1v6o3rw8CZJi96TS9MtzoBSk7QKCAaW3o8EmSwNo2_kJaHiCztW4fyi2RjMgWt7GARpZGvTVp5pS_xC3Cgnuh3qQVg0GdW879xu4Vm2A5EHPa3KRC-lNLeizXpErKq_3dM8-NguzFcEEnuPRMKv1JQZqKt1ULUYNskhdI1Pf6Uu8KFCXeC971tf6kq1HwNI1ZhI2j82-b6XonO_o91MpKJm6CrLN0Z6UCetOWg9PiwtluRdsXOar2r28ChRyiJ_iDohCP8gVEK4MryT3ORr4VSDIqPIcPgoxMNbYDtE2itn2Lw_B2hKH4HfKB-S6xEOsfsarajd5DaPHLM8QFlfgiuodG2D-CfdN4rB1RCiN9_4pDySIzO5RHv21VB72_BzpGoj_HzY6TxFKEcb1RefrsxZKBKJthDeggqFvtEJtRoOFwdSenlADYGPGanfHYwvS0o_HNv5PIBbATe7OSIVw6O4OEnkXYB__b9V4E1ZxTUVARtziEkKkElJhxPcrQxkij0pO1wVQSKLs-WJFkB7wS9L4gJhYvV38nI0NzN7TeHFnKzIPtIva9UEkNDf5u6RqsRoKXqD7gWyWX4pN4omrcxUatZu_u4HDw-RZmDgpbmwHOVvGNrTYYmV2RIz9OGVXR1ZaZRhcEYGWmQ8cb4zX1gc5dk1BS8iTxV-Vgz7LAvGNYhhXRvD7EDWyOm_tDw_z0znTaB6DkorQ4ymADPe1yLB5FT9QfCUdqFBGPh0uBjrROTuf6N5AaDFddsm9lkK_8P1diE-60sKFupg62m3DSXK-kV4BP0lUvxy9fYpJgKDkIa2dmuAaZpC15HS8n_EGIjCfjU1pHSsFcQ0NLaONK3Ag888d34L9ER2rEWTshiR1YKywmAh84Clu68GjCCypj900P9BiijAiW7E1NwtonmN3vf_Tj-EIROPPd-o0iJv2NQS-oMXvHQ_7tIsBWycSYiNDSRBwl1zPVn1vLamMtGpSjrp3DADKvXkssGaAQ7LpLjtGfSPOPsHMbPAcy_oSssrwdObXkf8maPmSD7Oe1hBPitWHIO7uhJ_hJ2tP-_CPxijcGuQtaAVNyoksmZ6yWKUKZlAU3JAOR-sHP2rKEz7Z86ziOhAkI3rQ0T8WLIzX9XemHdRmBNs4OwND3YD45gS5jy5PzSaCLKvn3uJzNEkZDL8n8oyws_e44_ZAQpeSGTjj8GhSaqsCgHH8S1kWNHS5OyYnaIUc-oWZ62bv_1S36qS-gMc5Ep6Qf2LcGcUy-a6aU2hSMLnL8u3SdTzgxtzNRccuvf1QmvSA7FGi87JjyKsLm-kxHzggpEllcd-KYMswh562ZYapWJ-mMxuvzWxXphx7fXf2nnCmM4J0hrGC4xK4HmEBAspnBqt_p84SL5J-m5SJCF7bUw6NXrF5EUm8tvK5kp1W3NxDWTfPzIypb1YU8mEp8d6eTe-BhuePhrsf2bjm5QVoYubYtIg3ko8cElGiLB8SQgXm6cm7YjroEFUbWWPPGZBHGlhxtkX89wAtLP9tihKNn-jftybtATCFxEGyiZ2t0PvnAJt04MitsZIV84t3rOb19yxAHzcCAx6XNmXpD3htO9wp8yTmZ0sj6GYzOJgWlTXBJ5bvxTU343qG3_-JMn0JIpS7LbAAPqVPwwXvb8Qo98OBl39XJKgXG6nUSZWlHgFAI6KnMyvMks6jiGssu2N6IM9wJNTeKjQUSLdmAAS2hFZkRuzyBEONDfb69gAWBp9eVnxtrCUnBMTU3qwpmZSCv5uKkqeJrwpRWUIef-9Jrs9bt4xguCmthJhKqewvytf8jbwy2l25l_nWgfWZC5I9UWV-L7KCG9HknBfjHiFyYjkr0dy-y_OikYoR8UfrNpz6Wxg4WugVUSjPF7oADE0xZbxv9huFWkrrac3ETIZwLU0nUMKM1fCj8HOP_wWXJUPC90eDgvwhWIeKNWs3tZdCXHV2HV7EqGfXTuL_K3w3uxx_FRYJklXrfoOgbhPMaewjITuVk02r98mkNX98rb94HhZWPx2YKtrh_GqU99jrkdzuxeSrrS7ZE1Ut8pVwszk2pJ0xYwh0NmMKmdxrLg7-sHAjaz-ikDNOO1y3hV3BNtcCezZysbPm0cp4DpF3RiZX8RLirBia4iMnmrEVgrftTdrW7ZhvttExnFOsw3qABkCJWe7WrArxgvChRUCZUThwjduj5sWG34BKcQsJEdVHuGep2Y_K0wDbhFJPa2UuhbXMdmEewhF0waJpEyHbgL2_Xo3nW99MCY-zudIJ9vtadlEbsGjaIJdekobPviLZ_JC4mKAYYz0jfU3-y0s1KYxLzZLheEUXZe_QtTqhlrpQBckw2PWPfyFAFk1sAsc9qYYtPBM-slO2BlrvsYEKlAci4PSavNtm-O6IEqruzWwKBTDQMXl77XQGiuG4DSHn9Ryn34VYpj0MmKY2luvpTo9f8AeqOBs93kyGsI1TMV4LtdZWrg0tSoFZiEZJQnylPse-Axi_zJWtB1BpEr0ihQHHcKqS8jO-IEi3JPAD0UPJLzmgYlVnGDHRQG7Mhk_njvgvkD8EjWV0ibBPNR9XRwhoX-3XZw9MYu9NY3cWvPMjVHNcNLQExxXgBAh4FupigG0bXHwHPF1THGzCI3op34JHm76LDImAPYPm1dNAt0jIbkBiwqEmDXqM6UknIPS_vwEOk0WpLo8EuermeYzRmqYaeT6nCzlYyJo_e1O0qvno7pINkjKtgADbQ79IckBZlNQkUc-d7aA8v_5aLYx0-wDzPnnvGFuXl7UaC7T8mD1AuM2TECuffSc2VGKQ_0lSGF-PfDJjUhv6W1-2r0xH3xTKEb9_dTKeth81GJe48HJVcIIJNMNlCI454FRt8LNcv7sgp5ZcVcFEd0TicT41CbWXFd0xBgLMfrjPi-XPkTWuoctS-89_BB-SywnKjp9J4YHAj33sXpmQHHXzlSQlh0tv6QuAaKnzdE-wg4CgUNXvuvyRokE9UZyt1wUooXBdJK8HX3AfIojDfutUisDMq5vBHidWSFSjZB-VUaO0Rk-6NYEnRNaBCplIgQaEKuFvsQI5NJdUR5AuOn3drCmP5LEL2qfbSadqIckvZ2_IUbO4t6aYME5k82JQa0GINaIYjx58a_Yc8eTlwbDmGyXIZAUUTP5x6uVr7HZguGRLfPEA7VDF619unm7xCrfDQM3-Gg4f59tuK8Vk2jKSTOXazaNzSH8E6EgtOAcDkfClcRTDcWA&cid=CAASJeRoH_CE77HTdPBzst8ID-qUqTeL7QTTj62OipKdX8ZmyFB7TGg&rfl=1%2Chttps%253A%252F%252Fwww.wdfxfox34.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 5521 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1844615067968735&vrg=2022102001&nw_id=43459271%5C%2C22676109897&nslots=6&eid=31070233%2C44777188%2C676982961%2C31069564&pub_url=https%3A%2F%2Fwww.wdfxfox34.com%2F&qid=COfsrevk_PoCFdSQ_QcdBhIBmQ&iu=%2F43459271%2C22676109897%2Floc-desktop%2Fwdfx%2Fweb%2Fhomepage&e=512&ret=728x90&req=970x90%7C728x90&bm=0&efh=1&stk=0&ifi=6

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AC6 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDqsTSZNYY-7JI-KZlQeLkIKoAgAAAAA4AeAEAg&bg=!e3ileDzNAAaaxvStusY7ACkAdvg8WrYUiiJXoBC6DVLrkgZV-eqSbvFb9TEEE-S8p90kLXT6dNPuxwIAAAGCUgAAAANoAQeZAvXOpJUEzN-__WKFaN4hiZo8tcX3KLosOzP4DTkWJoU2s3lBWCkGO6p1jqHrmTB6lB5mVkTAhfk6Ip3Ixm5PIPkxae-4kAr1YG4PDXU_kBG6N6HGmUevgGyrp51lUuGOWXeFG6TVDhL7dHAd28JwmB8rJk0jNVK1P3fE_v_oNMlUcvp_6I0GPOksBdyzPkUjC5XPhL19CN91dDLO5sg3spVTKKeIYba4owqJP5ESgvJRKjYaXG5ddK6ZpSKSu0cFBpfK4lImT5qiy5hXpd6pou1NE-qXv87sqQ9GzR5faFQ6EGCKewPq72wvf5odi9WDMVC6kEgx2SP8QmWjrGP0d5aeTcXDS8o208ivEN8MixSj0cDkczelsGkjz6BucEeYBjuFPIYZRKRB9gJdQSwfWVwZ-6wxUDkYBSfYq7WOjj0_bQ5jdGg69cG0VWxuf3yFWHhQl6AuRjKZk6SvbAsNPBD6oPQ_-ucM8A6uLYOzBKsPZlE9w8VtNH09BFvv8nCruHXHMx9dpX7S0PYSm7Mdt5IPzT7hkEZcQjciXqjgnUhvIY9KIYpCmD5ZQ9H9rNSCF6z2rA_2M25uRd88_w1f9HKqMKDTjtsT5Hpg2oEVMnFiCWAZNnPEV-konirOxVijwOIsGuoK-he9aNAj_3h3MWdm0ynOjDs0l3LGWz-2-BRFcUkPDMYq0CgRO2_xlLoZjqv53oImZKgrpAACoWuofziy0lXSTIBKZEu5y-kWRj9GjS5COdanPpn19GprwA50z87YRDzWMX2_TbDgBheY--ky2Gocy95Izg4XAYmKGOPR8XgY-A6M-QhCRe44AZwGeCZDpqBk7tO3LbV9dBcfrKSgY5YjstRsBlLPAlJ_lLuJ_BPkSAMn5qYlofHkbBQpcKyYS5qc7zT93Qj4gpBbaniqHoShM8ekTZ9JoZkQRrLrtLE6SLSYd0fTD5vFB84Oy5W_hIO3AdTH5tt_ZT1GFsyHI-ALMewdP-TwHRJqoImWJ2732Lgd

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DA2C 640 B
318 B 21ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNXd6XAloI0hhqeOw2IvePZneD7lZAK7wpkcnDgnsg3w9D0Py3txfTf8W7UPrUtt7dsm7NXlV-EPfg_Sk23A_8HJSO5OMjjHvxvwZ7rR9hp6zcEtSLjaC2kHRfNt6EbaCywF6VHPEYvOP7jHiLvhNbJaXBsTn6f76oYyexDvJc0JXDdiqsI

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:18 GMT
expires: Wed, 26 Oct 2022 01:54:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame B7D9 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 17:55:58 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame B7D9 6 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:59:26 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B7D9 0
27 B 53ms
53ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGjycQ6gK8nlfdzS61oglit5hOwVUYLgWalJ0otEWq6A0gxJommndIZv2QbCUZXpg_4UzGKp93okB9avgu9TlL2ehLVZpFnhjm2J_jm65MfD26kFQl4l2p5dIpDd4qOBzLIJQuSJubzPCpwvb-nkb-xfzBLDLIIeqREuoIxGiFo0qZXqR5TB5tAfipubg-5RPdA0WqjlvOc4jg_0K0H09H5jgUlTmxrfLCBBbbnCNab3b9ErVX6tdreaCFxyx5el3fZ56Dd4w5LfH6PRF5rNQr-i63HHFCG60HKmNYO0ziPVKxB6k2kc8PHB-H070Eeiy0-XVFsA3vn16U4JNuV-t2QrteFNoYp7y8RKuEZLDoJVAJQxfstcRGOatDrsQo7PiqK0k0QH80-bp2kVscxg8pAdSEYRtPP48GtuebMf4fPXCM729j-6UOFF5LLYmIWZXu_e5JcIDRgsVfHPwzxj4ivN1ShHE_7Od4RAW1WGpj1Jjg04DclFF0HnE5WbF-0W_SdzkxGRfm8Eg7jB8Onomo5Kp_2VTdaTIcPbvJaUnpm3CXOMh4I6PdSDlWWieOtCPQWSxV7F9ujVu5PzefWE4PT8jfojtORiv1KTryI0IrbdvLVYQtkh4oN2ej_ytE6gWX7Ra2mfaXEbv06uDXOhMczvATileHLa0fGXofu-kbFfSfCtDVASgPzxdFSDDzyoFoJDwvU2DWSNbg83VLrdey_LHw-0gh7kfIjf_q4D2k-YFFV-fu7i_USMl2KEpqMxXYyWg0lDrpg9fOGv7Rq8CM1WPVrLjXLQUkQZ8vhfhuxFT-3Exzg_zttDADbKC4uIVaX7MocYJBKnfF5ij0ga5osEZkwMrPRkYqcqSIXIMKkvDprzfZNKHC38vXyfBEFB1JahLzp4p6s-aFlgPiQrFbWxdP1Q3CeBG8IqH0PcxvSxpasjdwA1OM6W3QXfqHFeKViVo2bsWOQMCjMk4k0fvR1KhG6FJuvJFZFMrq5BYgRlwVeK7SkfG-m9vqmHOQZeaakKLuKqcZf0b0kW8FimoGqB1u8PPKCMc0pYMUujH_nNhsz45531qN17MUpc0hL_e0EC4_DpRN2smD7Vrano5ycM9y64y7qihCHAR-xqIItjZ3IJmBqpNQyGOK8X140l3HQZ3QI3E96YjLfJnQv9FIc-oR3kPyZ7NbBz5XFASnaPo2aVam4vCFIYbWk8R_Ue-nurbQyuVTXKpX3MNYfbpbcPXJjq48PXuN3aOqxBDfWlnUcYM233DTZkJjPgwAbu6R8Ftwhg&sai=AMfl-YRkNB7A9mlYka7xQAoGjeNhKBu_aL4sMskeG23sKYLqwGaEsCv2BBuY8dxzbWof_ypX6pksnh74t2Tjhgl75SGa4vayJ3AVEVoGm9OX6cZe2-n3fNUiAxXq3TU2fa1vIYXdYgpXf8Hz5UKFCoeYYCKt4kR5tcxlXRRMzbZbioXZFPRjptStOGpqScywVHwERYWxQAgap5F84OmZDCaeQ09t4aUPizk-XgJ6cKCrJmLZr5wd3XB6QX4KzBEY6aa-SzjethxEGi7nz1gVa4_IY2W0vnV6DGwvTUjC7pz5lURJz8zbE20Vgub_Cw9-QY2m2QNLL_jQJCaPfNIFr5-PEm3aBEb-cPVao_dm_lGg3EGgMgBvkzE-rkXbnGhqULqWcE5zKIFkxAzJoqSW4cjeNFt-UrO5wDBl&sig=Cg0ArKJSzH6ELa11nx12EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221020.41538&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B7D9 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7D9 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOnb94ZP94OuyhqcIW4zmi7lqJGgD0l_nEiYrCJVMNwDkY-F74EuJjZyyFMJxVH1nVcPQTPOCloMISQkKpGsWpeXP4lUGh8IFP3j_BbkK7IF_6J7U

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B7D9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B7D9 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7D9 0
0 18ms
17ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTyTSvFiRbXws1ceew9OIK3T-u55d05vYwSml_geVCsyfGI4TFvjtrwq9YIePEB8gkODppKaU3icehWMEatxBg-TFqtA
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7D9 152 KB
46 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 10339273490624487321
s0.2mdn.net/simgad/ Frame B7D9 40 KB
40 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10339273490624487321

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1aa5c86352e48d6415ab98b5bfc01024bd68462615cc0793d90aba2e07533ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 07:39:54 GMT
x-content-type-options: nosniff
age: 152064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40685
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 12:38:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 07:39:54 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3968893158595306590/ Frame B833 1 KB
620 B 15ms
15ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bb66a4066547ae8ab6db3ca66053088fd5b5215d6ced7acfe2bac1842b6327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 592
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:18 GMT
expires: Thu, 26 Oct 2023 01:54:18 GMT
last-modified: Mon, 25 Apr 2022 12:26:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5521 0
27 B 52ms
52ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvs9gRPy-B3NrEEomez30tf1Oke77R5lkGh7XneG8xu40AtBtQxCKvamElkdwXG3CgRvmGQY5ZccIW-QrZLnzcRBnqQRZGq6DqFItSTkrKf2rNwRT_jc2si4PA9Ho0ZHjD_jDA6s80oUEQOUuDa4uso6Ui1bZszS6BO8m-ZGyBspjvkMy2Gu-gwzGCjOfg8F_Mq9EJJHXsT2PDqK6zQXlpd7JjoednKq104MMwAQvSl2-bcJzWBGCaoegnABKJWFwcpm1ZYWHnovAdLMKK6o5dEYHYfJl_dd3O2543pQFTQKdraS44nnAQX_9brUpFeOBbOgIhRujgXhH2P10uOyIlTQ9CTmM0qdccqwY0UCZ4jfPwhi_Cbps35KdWfG4Y2ClvRG2lbFOJUgVzpdtE3dcokNqlF-R30CDEZRXFXEZ5j1a1ewJJHzmF_176YITZy14P9CCRTfXRvJEgLqD4lAeFEahDWL7SbaHqZ9uwJUeWv7frjnpUR3IPcK03BN6dXlBi_xhfGdkWIa0StYzF1412i81pikCmvLSDWIwAfmzwMzP6nC2LUgoFWb_Ofgg3iRDWgVrxgDZRT2kCmYUHgyQba_n8IdNliuX5y1kSju1ys066-jcdtHzJowJ0t3UgeLweLti91Pyp7-aO5xnV9sVyEga5G4YXsvBPibOwYsFCOqgHNSuGt7NEABuhKScCOfEN_mtspiWc6rj3yvhe4CFzYUq-DXtuCYrTYF7XArR9TCLwT0tcqOP4ucAA-fhGtC8i-geaeReGyioyIqlPLUQhbDrXWUO127dm-pEgF50c-9xzuzeL1vfu5xA30WjvKCycf0cxMdYGt_oDgdxu2D0knS7HKbiPoMglt3TGy7HunuOd38FwF-CcQXbRJho8GrJiCcLJciyu3a6DiKDLiu61pdaLic4vm3Nr6AGh9xTSDYPwVNjUbvMLdchD6QT0muhfRcD7TjTIwSEmX56_ghaUfLr1qc6XwHLqPS0sMapEzFZ8c6NHgHKjDlOw54aGUzg_ElqacA8XO80JK_zuuPSqBAkCDS-eouB0aUejrZYc7T-hOidJ4GlohKL-sFLY0bSt_YuzCoMuVFOUUbUuAu8mMV_vOVt9A3ULWbDhlx7H0DcBw-HXDmBde9f41yWVGRxuHEUBAcD5T2GhKL7dirK9Ot4_Tk1uaJlgGnz9E_fgvTX42vyDZ_Y1RsRgYJjCyQ6PLHEQBiWjrUuNTo7w12zJWezY8vgebB6Q8DZ99EzbAbPjrO0phYSVLDnIEWi-xGnUnehyz2P5oGqEk6vbql9tftU-wpCt3djm1TIRd6e3Cw4Q39aBsQ7HdvUvSVS83hg&sai=AMfl-YQiGAvp1QgUErWyNXyt8Svst2jhYzE2fDMa9Zet6r1Q9E6WNhUNzRcp0IEtUYr_lREFHDGyIly1_QCNAEMUAPCV4C59PQ11dUJOwJcKTduDT4TaFBfuxE4LCP6Qo9xJlOyDOOXZZ9Nlji3rsKpXl7vNR0lRlaZDHPGGrFem7HhjJUu5dK4IpbOhBYStKqOM59yWflJjE0sTeGuzpc5yGfT00sPjkQ&sig=Cg0ArKJSzL4JXIkGepS-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=79&cbvp=1&cstd=75&cisv=r20221020.51042&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 5521 60 B
60 B 310ms
240ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=162826336&extPm=322783823&gdpr_consent=&gdpr=

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 26 Okt 2022 01:54:18 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame DA2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJx1m781rzZ0_utoOT67B10&google_cver=1

43 B
61 B

25ms
15ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJx1m781rzZ0_utoOT67B10&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNXd6XAloI0hhqeOw2IvePZneD7lZAK7wpkcnDgnsg3w9D0Py3txfTf8W7UPrUtt7dsm7NXlV-EPfg_Sk23A_8HJSO5OMjjHvxvwZ7rR9hp6zcEtSLjaC2kHRfNt6EbaCywF6VHPEYvOP7jHiLvhNbJaXBsTn6f76oYyexDvJc0JXDdiqsI
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJx1m781rzZ0_utoOT67B10&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DA2C 43 B
304 B 39ms
16ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNXd6XAloI0hhqeOw2IvePZneD7lZAK7wpkcnDgnsg3w9D0Py3txfTf8W7UPrUtt7dsm7NXlV-EPfg_Sk23A_8HJSO5OMjjHvxvwZ7rR9hp6zcEtSLjaC2kHRfNt6EbaCywF6VHPEYvOP7jHiLvhNbJaXBsTn6f76oYyexDvJc0JXDdiqsI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DA2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPlEi4DAxPOJJZzjRQ7DuXA&google_cver=1

23 B
172 B

34ms
33ms

Image
image/gif

23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPlEi4DAxPOJJZzjRQ7DuXA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNXd6XAloI0hhqeOw2IvePZneD7lZAK7wpkcnDgnsg3w9D0Py3txfTf8W7UPrUtt7dsm7NXlV-EPfg_Sk23A_8HJSO5OMjjHvxvwZ7rR9hp6zcEtSLjaC2kHRfNt6EbaCywF6VHPEYvOP7jHiLvhNbJaXBsTn6f76oYyexDvJc0JXDdiqsI
Protocol: H2
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 01:54:18 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEPlEi4DAxPOJJZzjRQ7DuXA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DA2C 23 B
172 B 82ms
33ms Image
image/gif 23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2y0AIQltjbAhjN4s3WATAB&v=APEucNXd6XAloI0hhqeOw2IvePZneD7lZAK7wpkcnDgnsg3w9D0Py3txfTf8W7UPrUtt7dsm7NXlV-EPfg_Sk23A_8HJSO5OMjjHvxvwZ7rR9hp6zcEtSLjaC2kHRfNt6EbaCywF6VHPEYvOP7jHiLvhNbJaXBsTn6f76oYyexDvJc0JXDdiqsI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 01:54:18 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B7D9 0
26 B 47ms
46ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5521 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame 5521 195 KB
60 KB 7ms
7ms Script
application/javascript 2600:9000:214f:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18513647035&pubId=1&placementId=396820198&adsafe_par&bundleId=&dealId=&bidurl=https://www.wdfxfox34.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 614944
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fPOp_jBLGK4WSvdSZRr9vpdCQSIqMRrb26F_ImhQHf0l_wgdhdez8g==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D0C2 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:03:57 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 21:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5521 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2697fa665e55ced77d318c8af7b007e53571873ea7efd8f2512d6fe3de5c8dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B833 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 17:25:10 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B833 64 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B833 112 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 de_DE_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame B833 87 KB
27 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27518
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 13:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 01:58:23 GMT

GET
DATA 200
OK truncated
/ Frame B7D9 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3649f22c1f7eff0a25bc399f1b176b4d419be577f48970432347be9ea84fd0a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 55BB 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A830 43 B
215 B 93ms
92ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1193850&asId=6979b58d-6ac2-637f-76c8-5e014fd9271f&tv=%7Bc:s6Vp5s,pingTime:-10,time:725,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666749258446%7C%7C1df0e3acfec4f4478d9886dc84a1e8d6%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C439f33f22415f406e949c0955eae232e%7C%7C73f7fcd91a800e6167c184b332034a8b%7C%7C95395b26bf70030c0f9cc2dba2b7bf7c%7C%7Cc710f9228b1fe8141daa6711e93079a0%7C%7C8c4a62325ed65713acc2a3cabbdff826%7C%7C1663701684,im:%7Bimprf:%7Bttecl:590,ecd:103,tsecr:61%7D%7D%7D
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4A14 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D0C2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKKh6l8QxGgunvSeezx2CsQ&google_cver=1&google_push=AZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKKh6l8QxGgunvSeezx2CsQ&google_cver=1&google_push=AZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtS...

43 B
410 B

178ms
169ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKKh6l8QxGgunvSeezx2CsQ&google_cver=1&google_push=AZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75ff9032c973bb5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3061
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKKh6l8QxGgunvSeezx2CsQ&google_cver=1&google_push=AZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-F8gg0VtZFfyxm7W0wluC53MMub9GO6vPZ7a3Fso0Nk6DD26CLgKQFS0caDt9mvcomr5jvrQcBBNFttwWDTRqtC2bpFtSx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75ff9031a80bbb5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0C2
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOtCMovo_GPwtOxyowVwTno&google_cver=1&google_push=AZmPxg8vjmWwgo58glZ_lhzr6ZZ8IW7m581GrIyr6mU_XYxGrI32W-Bv_kFKtjEVLrvNKgPsVx3ogjdEkijj0S7e...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_ZwOawegQnqxGB8UYNmjsQ2&google_push=AZmPxg8vjmWwgo58glZ_lhzr6ZZ8IW7m581GrIyr6mU_XYxGrI32W-Bv_kFKtjEVLrvNKgPsVx3ogjdEkijj0S7edMrJUDLOMECn

170 B
188 B

24ms
24ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_ZwOawegQnqxGB8UYNmjsQ2&google_push=AZmPxg8vjmWwgo58glZ_lhzr6ZZ8IW7m581GrIyr6mU_XYxGrI32W-Bv_kFKtjEVLrvNKgPsVx3ogjdEkijj0S7edMrJUDLOMECn

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 01:54:18 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_ZwOawegQnqxGB8UYNmjsQ2&google_push=AZmPxg8vjmWwgo58glZ_lhzr6ZZ8IW7m581GrIyr6mU_XYxGrI32W-Bv_kFKtjEVLrvNKgPsVx3ogjdEkijj0S7edMrJUDLOMECn
x-host: tde-deliveryengine-production-7496bf5f48-6688s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0C2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHg1aeZa_j7qZYbV2-aCCpA&google_cver=1&google_push=AZmPxg8hfRwQlf6JDwhR-mo41CH4hley30cVw82iEHaXdPJMx4fxN6qcJRgnNPsj0sn3YTewb6B...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPWkgyUVUtNi1FRE4=&google_push=AZmPxg8hfRwQlf6JDwhR-mo41CH4hley30cVw82iEHaXdPJMx4fxN6qcJRgnNPsj0sn3YTewb6BYy-JCSGkZUd_OVy9IWL6ycZs7

170 B
188 B

22ms
21ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPWkgyUVUtNi1FRE4=&google_push=AZmPxg8hfRwQlf6JDwhR-mo41CH4hley30cVw82iEHaXdPJMx4fxN6qcJRgnNPsj0sn3YTewb6BYy-JCSGkZUd_OVy9IWL6ycZs7

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlPWkgyUVUtNi1FRE4=&google_push=AZmPxg8hfRwQlf6JDwhR-mo41CH4hley30cVw82iEHaXdPJMx4fxN6qcJRgnNPsj0sn3YTewb6BYy-JCSGkZUd_OVy9IWL6ycZs7
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0C2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEh0tGuErCoHw5CRyBoBsqM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEh0tGuErCoHw5CRyBoBsqM&google_hm=Y1iTSTW6X7d1S7Aj_fJ-ewAADTUAAAAB&google_nid=index&google_push=AZmPxg-sNXEtfVfjobIuPHIo8WtjDuHrHTQ3O...

170 B
188 B

21ms
21ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEh0tGuErCoHw5CRyBoBsqM&google_hm=Y1iTSTW6X7d1S7Aj_fJ-ewAADTUAAAAB&google_nid=index&google_push=AZmPxg-sNXEtfVfjobIuPHIo8WtjDuHrHTQ3O50S9v0s4HFrnXI8q8gF5ZBO47vFQjeje3hjd6g11kbO9dStGIuVMe1vbT9AU9ND

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEh0tGuErCoHw5CRyBoBsqM&google_hm=Y1iTSTW6X7d1S7Aj_fJ-ewAADTUAAAAB&google_nid=index&google_push=AZmPxg-sNXEtfVfjobIuPHIo8WtjDuHrHTQ3O50S9v0s4HFrnXI8q8gF5ZBO47vFQjeje3hjd6g11kbO9dStGIuVMe1vbT9AU9ND
cache-control: no-cache
cf-ray: 75ff9031ad785b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0C2
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDxwEkl5FciQnBUZSpEQ9Gc&google_cver=1&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbVJ
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbV...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODc1NzE3MzkwODA0MTM5NDE4OA%3D%3D&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE...

170 B
188 B

20ms
20ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODc1NzE3MzkwODA0MTM5NDE4OA%3D%3D&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbVJ

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODc1NzE3MzkwODA0MTM5NDE4OA%3D%3D&google_push=AZmPxg9DSQ0_9UETVOM6egMqHDR6kJx5-bOwHcWgTWEYELO-oK_kt7JE_UZGAifIQBuzn_DIqzSdX1-FzhuI0BOBF3-QS83BEbVJ
date: Wed, 26 Oct 2022 01:54:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame D0C2 0
45 B 161ms
21ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFJwkf2at8IGr_a_14zFLe0&google_cver=1&google_push=AZmPxg_SK_OURUigcpJLoLwR78UF6KfaLOSuBVRwzu_PKhZd5l7BrOBSPv-tMIes7SfXmDg_PYKa6t8VspuoBL3GHSCVPp6J5-nx
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:17 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0C2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMZntW2Rmsw0j0vBaX-wx_4&google_cver=1&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70F...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMZntW2Rmsw0j0vBaX-wx_4&google_cver=1&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70F...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10TjJJZjV0RTJ1R2FtYTQ2aDFCaUowNVF4MDRxZ3h2WH5B&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaIN...

170 B
188 B

21ms
20ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10TjJJZjV0RTJ1R2FtYTQ2aDFCaUowNVF4MDRxZ3h2WH5B&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70FYZM2-UrTJ6knSEuHW5ouWMkmdRkg

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10TjJJZjV0RTJ1R2FtYTQ2aDFCaUowNVF4MDRxZ3h2WH5B&google_push=AZmPxg-66wq6p5bhEraW33Ki2J5_o4v64AM1D2Qcf1OFpXGn1GaaayaINwVC-hH2blng2Pv70FYZM2-UrTJ6knSEuHW5ouWMkmdRkg
date: Wed, 26 Oct 2022 01:54:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D0C2 0
12 B 18ms
18ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpmMFOyaTMxmd5xtkb-yYTkOOhDmdyvZE0r3QnBypBMzf6Aa-aFZRcSD5lIe_Jvxcn0BIiyQ

Requested by

Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 55BB 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 22:34:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B833 7 KB
6 KB 40ms
24ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae3d71e67516d2105e99b71b4ed39be30bc80b4bfb19c0332c649c1eb3f43822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5801
x-xss-protection: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EA37 91 KB
23 KB 8ms
7ms Script
application/javascript 2600:9000:214f:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2974682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Zr32ZNYMySNl1LgWmw5Itjt_lN_FLKl5CiT6u63QXPOgVhkQ_poQYA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 5521 43 B
216 B 35ms
34ms Image
image/gif 34.247.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=18513647035&pubId=1&placementId=396820198&adsafe_par&bundleId=&dealId=&bidurl=https://www.wdfxfox34.com/&adsafe_url=https%3A%2F%2Fwww.wdfxfox34.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.wdfxfox34.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7e718cd7-d3b3-4aaf-34c8-f8543c444ef8,c:s6Vp7d,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-qfz85,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:187,mot:0,app:0,maw:0,fm:tlky1Qe+11%7C121%7C122%7C123%7C124%7C131%7C132%7C133%7C141%7C15*.925113%7C151%7C152%7C153%7C154%7C161%7C162,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:193,oid:1a18bc7f-54d1-11ed-9403-e2be5aeb7a71,v:19.8.358,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5521 0
26 B 45ms
44ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvs9gRPy-B3NrEEomez30tf1Oke77R5lkGh7XneG8xu40AtBtQxCKvamElkdwXG3CgRvmGQY5ZccIW-QrZLnzcRBnqQRZGq6DqFItSTkrKf2rNwRT_jc2si4PA9Ho0ZHjD_jDA6s80oUEQOUuDa4uso6Ui1bZszS6BO8m-ZGyBspjvkMy2Gu-gwzGCjOfg8F_Mq9EJJHXsT2PDqK6zQXlpd7JjoednKq104MMwAQvSl2-bcJzWBGCaoegnABKJWFwcpm1ZYWHnovAdLMKK6o5dEYHYfJl_dd3O2543pQFTQKdraS44nnAQX_9brUpFeOBbOgIhRujgXhH2P10uOyIlTQ9CTmM0qdccqwY0UCZ4jfPwhi_Cbps35KdWfG4Y2ClvRG2lbFOJUgVzpdtE3dcokNqlF-R30CDEZRXFXEZ5j1a1ewJJHzmF_176YITZy14P9CCRTfXRvJEgLqD4lAeFEahDWL7SbaHqZ9uwJUeWv7frjnpUR3IPcK03BN6dXlBi_xhfGdkWIa0StYzF1412i81pikCmvLSDWIwAfmzwMzP6nC2LUgoFWb_Ofgg3iRDWgVrxgDZRT2kCmYUHgyQba_n8IdNliuX5y1kSju1ys066-jcdtHzJowJ0t3UgeLweLti91Pyp7-aO5xnV9sVyEga5G4YXsvBPibOwYsFCOqgHNSuGt7NEABuhKScCOfEN_mtspiWc6rj3yvhe4CFzYUq-DXtuCYrTYF7XArR9TCLwT0tcqOP4ucAA-fhGtC8i-geaeReGyioyIqlPLUQhbDrXWUO127dm-pEgF50c-9xzuzeL1vfu5xA30WjvKCycf0cxMdYGt_oDgdxu2D0knS7HKbiPoMglt3TGy7HunuOd38FwF-CcQXbRJho8GrJiCcLJciyu3a6DiKDLiu61pdaLic4vm3Nr6AGh9xTSDYPwVNjUbvMLdchD6QT0muhfRcD7TjTIwSEmX56_ghaUfLr1qc6XwHLqPS0sMapEzFZ8c6NHgHKjDlOw54aGUzg_ElqacA8XO80JK_zuuPSqBAkCDS-eouB0aUejrZYc7T-hOidJ4GlohKL-sFLY0bSt_YuzCoMuVFOUUbUuAu8mMV_vOVt9A3ULWbDhlx7H0DcBw-HXDmBde9f41yWVGRxuHEUBAcD5T2GhKL7dirK9Ot4_Tk1uaJlgGnz9E_fgvTX42vyDZ_Y1RsRgYJjCyQ6PLHEQBiWjrUuNTo7w12zJWezY8vgebB6Q8DZ99EzbAbPjrO0phYSVLDnIEWi-xGnUnehyz2P5oGqEk6vbql9tftU-wpCt3djm1TIRd6e3Cw4Q39aBsQ7HdvUvSVS83hg&sai=AMfl-YQiGAvp1QgUErWyNXyt8Svst2jhYzE2fDMa9Zet6r1Q9E6WNhUNzRcp0IEtUYr_lREFHDGyIly1_QCNAEMUAPCV4C59PQ11dUJOwJcKTduDT4TaFBfuxE4LCP6Qo9xJlOyDOOXZZ9Nlji3rsKpXl7vNR0lRlaZDHPGGrFem7HhjJUu5dK4IpbOhBYStKqOM59yWflJjE0sTeGuzpc5yGfT00sPjkQ&sig=Cg0ArKJSzL4JXIkGepS-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=301&vt=11&dtpt=222&dett=3&cstd=75&cisv=r20221020.51042&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2695 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8ghwSZNYY-LtLJOm9u8Px5Kp6AcAAAAAOAHgBAI&bg=!6Oul66_NAAaaxvStusY7ACkAdvg8WnD1wZkaVShqgwLjcEMVhyzavKWCDjVUCuGJCoujlZDzUw-N8AIAAAEPUgAAAAJoAQeZAwx_yypF_aiqrjPGEvmZo-js8n4MNG3uiFLpmYo1MtIEyYGgN95e4P8i1XPXqZD3m-d6qFeE4mPMez_GHkA2xpRarl097NQnvoquMILTdSLp6TL_Kp3PZ7wmUHQDTN9mBqb1kap4Kget8XcvPDsW7cv6HkgI-op4NveEOhfkd_08TgIRU2vLs9AlLU-LbxSNAweMgpjQ2DHRqX6fXndWxoHuHoFoGLkePFKHPa5z7F-SHlAE3WXdD0WPbINSWhMSNHNdAiKH0645_uYmLmn2UXEEvnzGC-fwPpfX_WZx-POAnL1P-93X0lWVw7UMD93Avp20cicyaKr_gKKfIjdbUb1TnTZRb8lkH5oGvlEDNnKKRoNnE0AJnOm2xE2d0Y_gXJYefCFlG_yor-9Awp_NN5_-mnIzcPcgyiIk78lLcLC7p2fCIHJHisg6k_3Ty2K5Enf2JDqx3HeYN0monp9Mms_0mdVE3NAfsGVMdpzvqzDkNxR_aLYo3ZU-509GZESlkUPkrWavk5fF2_22FT03ybSR1nLy9c4DeXKe8d3fsAiov7b3fRr1jotJNmcLeXaC3hRu7BU_ovnfXKpgF_xDm1rsNspr1ZlzeTpp8yJtxkyMYS2cJT5uuUDU5YOtsWWAVXDIG7hO-spBZZD-ygVVkBFE9Ke_D0df5vAxDTuc6kArylYF6oYkcILyARYP_QlYA62IPt-cBLD5HHBYuKcibybO6Xd4hFvZEiTKaGtI7oXbHR2XoLrw3qlLpth4KyB1rn51-YOpG6ErcbUugQ_fdd1vlH1SabcvXx_u8ab1WsUkquQB5kdTMQtcKobzRW2VQE-0roeZ6nv6FJULaXuPaa1x6_Y7QLloAugdafQk7Iqc-_XE5bcBlMotsnBzAgHfHBiSQi2oXiAML78m1nGOiGBPANmkwrRjNQrTDKcTxyFl9Y17cjuwl6T_LRUz6bkGeG6-NwO9H6rDye8RMl_7GANSkR0t7LOLJ7O70-TB01J1QS0D2WOklqm2r--UR8aY_BRH7w6lCun7M9oC_Io

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A14 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5521 43 B
215 B 94ms
92ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=7e718cd7-d3b3-4aaf-34c8-f8543c444ef8&tv=%7Bc:s6Vp7q,pingTime:-3,time:206,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:193%7D,%7Bpiv:0,vs:o,r:l,t:206%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:206,n:206,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:193,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~1,0~0%5D,as:%5B18~300.250%5D%7D%7D,%7Bsl:o,t:206,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tlky1Qe+11%7C121%7C122%7C123%7C124%7C131%7C132%7C133%7C141%7C15*.925113%7C151%7C152%7C153%7C154%7C161%7C162,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:194%7D&br=c
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5521 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=7e718cd7-d3b3-4aaf-34c8-f8543c444ef8&tv=%7Bc:s6Vp7r,pingTime:-6,time:207,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:208,n:206,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:193,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~1,0~0%5D,as:%5B18~300.250%5D%7D%7D,%7Bsl:o,t:206,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tlky1Qe+11%7C121%7C122%7C123%7C124%7C131%7C132%7C133%7C141%7C15*.925113%7C151%7C152%7C153%7C154%7C161%7C162,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:194%7D&tpiLookup=ao:www.wdfxfox34.com*&br=c
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5521 43 B
215 B 93ms
92ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=7e718cd7-d3b3-4aaf-34c8-f8543c444ef8&tv=%7Bc:s6Vp7N,pingTime:-2,time:229,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:354,beZ:355,mfA:541,cmA:542,inA:542,inZ:543,prA:543,prZ:545,si:548,poA:548,poZ:554,cmZ:554,mfZ:554,loA:562,loZ:563,ltA:583,ltZ:583,mdA:355,mdZ:365%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:193%7D,%7Bpiv:0,vs:o,r:l,t:206%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:229,n:206,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:193,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~1,0~0%5D,as:%5B18~300.250%5D%7D%7D,%7Bsl:o,t:206,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B23~0%5D,as:%5B23~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tlky1FT+11%7C12.1193850-66084803%7C121%7C122%7C123%7C124%7C131%7C132%7C133%7C141%7C15*.925113%7C151%7C152%7C153%7C154%7C161%7C162,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:194,sinceFw:35,readyFired:true%7D&br=c
Requested by: Host: eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
URL: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B833 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:18 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D0F 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

GET
H3 200 300x250_NH_D_LA_Wall-Flower.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame B833 25 KB
25 KB 8ms
7ms XHR
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/300x250_NH_D_LA_Wall-Flower.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68185fdaf9503460ff9b1fbbd0124feb9b8a982321382876310ce96b5e50d544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:49:39 GMT
x-content-type-options: nosniff
age: 279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25606
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 11:54:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 02:04:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1844615067968735&vrg=2022102001&nw_id=43459271%5C%2C22676109897&nslots=6&eid=31070233%2C44777188%2C676982961%2C31069564&pub_url=https%3A%2F%2Fwww.wdfxfox34.com%2F&qid=CLzbyuvk_PoCFYTnuwgdcb4FgA&iu=%2F43459271%2C22676109897%2Floc-desktop%2Fwdfx%2Fweb%2Fhomepage&e=512&ret=728x90&req=728x90&bm=0&efh=1&stk=0&ifi=6

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BB 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBbvwSZNYY_ySOITP7_UP8fyWgAgAAAAAOAHgBAI&bg=!TE-lTwvNAAaaxvStusY7ACkAdvg8Wo_chBY7qTEbLJeRQ8XrvHbnAn30pguYWnz8OTqhzWp7Bv_9lgIAAACdUgAAAANoAQcKAKsfHWRBNCrXUyNEU7TAnzVfxMJWgubXBruuvVEUMJAirGtqzi1An3JwauhMpJGzpIGSoEvALsrsrc9l4OCLb87LxqmRTCq3pHnPTUpvWm5_s6549FQ5ufbkRjItQHFJeRHBGP2Zl-Jhq40Jdrp2eBsp9XUZPyWFYjJYITZsaKWRe78c8E8jdu2w3vxl0C9dAfnuh0SqUpXUoabmFwE8E-gFhCKmMSo5JIZMbLuZAuybvmkvd-7mYOs838hSQWUSXPLqY-jzA2U2cpnovugx6h8jUJSCz-_Dd3FxaW-pcdH0tnlb0BeupjkpeLEyleB1ip3ko1ncxB6-BIqX7-9j7ZSzVStC5gzYVDqZuMoRS9yrP0uYsHiCb8fVbe-JpbnqHRLjcXJEqTxAEj71JH9KDbHS3dXCnXY4hJueL5ll4Icy_8K5c5MFmJiwsEo1YF8YG9a5pGDYzVei0RzGQ2ttJa44bnhBXJKQ-RUWo9wr8QgiE88n4rrELxTcMCibACgAz7OwG25UY1WoaVPlJMtLQqQ-i3xnfK1I_3U0nCGEtmcheK2jBVud2bjAxXrye-xA8BgWXmx3VmPZblmlBEUBdYbb4uXTiGxX9FAxcJWvBobUNMifQN8Ftx9YVbfG1WyONDTZ2AcpbKgCZnHoLgIGSulKymgR9bqLc6_GHy3W1NW6_aD5vDOgrz_yYTNyYNE5pfo5_lITSuJTAkcFybrtfZLCacJQnSX_E_hG7c3vs8BUfhi85r-Vb9Y-vHYrM89uTt0H4rxbSFqU7ccRosPre9MtdpBPu-Oa5-DgCMcdl9MKIuAHhHI8CGIiyOn2pLXaeU7aa6uq98MGk-1z0i2d9XtXBYfgu5J3_mB7rEJl_Rj3lCOicm4a-ZIlsG3mEiC3QZ9qff6cxmN2Vra3M2k0V8iViwnizqMOWGS39vVgs4_6cvWUBBKRw9PYZtm6azGvZOAA-bub0f0j4b73tl9UHzifhJE3lotyQrpu5YRGS8rSGvHW8k2ahMNja1pQYg5WOwK2cbzxA0XatmpjVjToA7hTF8C5zNwb_iAagcgvrqLNDeKoJws4rP6rOWjBF0ZH4ftTv2b2K90KzRIq7vtzjDw1KBDo0AmdMupackylBmRw4Cd1DiyHT__dAW2D1Er00hrRJMJWQq94YfuevitFhcewsFDtjEPZ5DbFx-XBKEW5KoZ7MbQFyEqmtZ_yUdKdtpsv8o8d6ywMq5TU

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 2353ccc9-7553-4511-b43a-4c017c39690d
https://s0.2mdn.net/ Frame B833 25 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/2353ccc9-7553-4511-b43a-4c017c39690d
Requested by: Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68185fdaf9503460ff9b1fbbd0124feb9b8a982321382876310ce96b5e50d544

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 25606
Content-Type: image/jpeg

GET
H3 200 de_DE_imageanimation_NH_D_LA_Wall-Flower_300x250.js Show response
s0.2mdn.net/creatives/assets/2987685/ Frame B833 40 KB
23 KB 8ms
8ms XHR
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_D_LA_Wall-Flower_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b446e5ef15f90b630f8ec1d3a2bd5be60d41104395d24e5f264ac161c05c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23717
x-xss-protection: 0
last-modified: Tue, 10 May 2022 07:49:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 02:06:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A14 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ2RtSpNYY8fHBrOP9u8PpMuc6AcAAAAAOAHgBAI&bg=!EhGlEVXNAAaaxvStusY7ACkAdvg8WhibXv0NDpbwbS6nAD6OLpoLvrP4BbuFO5xSlZ97Uy4c7YxfkQIAAACaUgAAAAVoAQcKACytIU7khu0YrrsWqebooM92qbECMEtAPxdHCxw9oogK5C0v06TNVLmFq2jqt5kC9pdy4sPqdLP6CosG6B7fSMtd8yrInw71x6bPreCV5Q555IRv0MxbpzRUFDpM0E7GaGVXaPBZtrMS4eeEYTcvZwQ-8DtzxEXQmI8nWfEQQhhlHsz_C1oqzwmwjt9OLA2mN7ILaNaaRjm1ZoxDnwMO-wUcd6sqKZnw6vh6Vo8jwOC4w-tM_iApxFvugPn1xi0ofEaxWlCrOFP2_EnHjziDy9cm6B0iSb26vgZlLF9MP5Ky5K9qkSraSgZj0bsFnPv1Xacvjn1N5cZfiWmXHlb9aZ-5BJaqRQ61itcIxrcX42O38OoH-TSwxQkCITpdfwE4ZeUF7lW3qC02FmhWKHQ6EwB9YfkxYE3KFLVN28W-WD5KzXbtsVPq6eciQoIl0FYVxc3mzBcBWDJJb7ebS2uktUGYqLgcOkNBl_B7glDuACXDGtQ_Vw3Ojl1eqskfPygWGp_a6SeB2C1325idAyV77Xel247RdYiVqWPaBCvpxthbtfS4u5FiOVihGMjr3NPVbvb4v-gIKzdfENq7E5tnc1TD9HBiuuNKCLkbNMnzhnBaARnCQzwTMfseU6Xs_kLBAAQfloU76xqW-rVOfKIFuYBWa85OlRS5Led30SmnHrvrPOBq6GJ24u4Rk55ZP1r7w3QZwWI-fURXB54nMn4_otj7VB1m_lEsfPXVQFi7SkXivDJ3HY8IziqyWk-CsKoU0wC8lKlualVAIs64RHkpeuMg3iXSE5qIfK9gJjPTYjNwoZRSXH_EhZoBXbb03Cz4PbSVmXyHxXU_fcFCRtLlaR-WBvbRUpusEpNcaea4woPdxEdjITh9UeeaTB6-Sp3oD0StbOr5c0zyLYbo2t0OIGbIaT9JZT4OQh72lMQMDaK4wo6CB9ztfOxIgFFhdaNBJz3404CZS6QIpBXt98whNkwDwaYKnRWuBZvjQRWvxrEZwWFZb-H6BNCxGMX2twMC9AbIoQfQQMaB8rcRtm868I8i-WVZa1ylIGvqyGKm-40gfKnhMUtc

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js-animation_de_DE_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame B833 66 KB
18 KB 8ms
7ms XHR
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=kMDNJr2LLu&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18063
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 17:53:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 01:58:18 GMT

GET
H2 200 NH_D_LA_Wall-Flower;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx5TW6-T8-gIVs4f9Bx2kJQd9EAAYACDgkNJNQhMItJq56-T8-gIV8Iv9Bx3HNQUV;stragg=1;&timestamp=1666749258901;str=LH/NULL/822/amadeusBestPrice/ Frame 5521 42 B
494 B 88ms
43ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx5TW6-T8-gIVs4f9Bx2kJQd9EAAYACDgkNJNQhMItJq56-T8-gIV8Iv9Bx3HNQUV;stragg=1;&timestamp=1666749258901;str=LH/NULL/822/amadeusBestPrice/NH_D_LA_Wall-Flower;strtype=2

Requested by

Host: www.wdfxfox34.com
URL: https://www.wdfxfox34.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 310A 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGmliPF3OqRNXacLoaKolK0P5bMUV7oGoltaspTyCg0OCQRWCONd67fuK_hIqkofxug15DmUhUZaqPr3wHD8I_UiNHoI-H2_ucR-VV-nBkVQdPLd9EPvM2so_N5-zoJpZrhcbAZOo&sai=AMfl-YRHHvtHnOBxvofj3UIeNJRzkV1zeiUo07l0ZXWqlU1W4LH9Vm2jy1R2FhulvV06BXUbr7nMrSUjeUR1m0hz8Yg3GWVfR3r0huMgTwHZgJeKnOHxK-1bfGyiAHs-3755kw&sig=Cg0ArKJSzCA1dfgS-FslEAE&cid=CAASJ-RoyPhMcUGO_iGGEz0Ua7kEJzBDaP_PiI0ba17gWtgQ9_dJCVW_NQ&id=lidar2&mcvt=1004&p=160,436,250,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4175600188&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666749257669&rpt=224&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B833 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 19476095_G.png
wdfx.images.worldnow.com/images/ 74 KB
74 KB 185ms
184ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476095_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6482868787584faf639dd9a889bf59012bc890d1d1db7eec589b4afbb4e62d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 75464
cf-resized: internal=ok/h q=0 n=22 c=52 v=2022.9.0 l=75464
last-modified: Mon, 08 Jun 2020 15:04:32 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfgPoyEgRJIi208-eMatT4lA:f9eff51d0deb5b205d0daccb71009286"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90350fbf908b-FRA

GET
H2 200 19476097_G.png
wdfx.images.worldnow.com/images/ 144 KB
145 KB 136ms
135ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476097_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd7482bf991eb7dc9fb12dcdac98dc8dde2ed1c80617eece7e00ced675b8d08

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 147702
cf-resized: internal=ok/h q=0 n=29 c=44 v=2022.9.0 l=147702
last-modified: Mon, 08 Jun 2020 15:04:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfPyQQOWOIgdEm4XZ4c320oQ:0fdf37cf3c8081d207780dfbb62fabaa"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90350fc0908b-FRA

GET
H2 200 22945485_G.png
wdfx.images.worldnow.com/images/ 36 KB
37 KB 160ms
159ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/22945485_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba0898cc082764163436c0641733c4fef4b744ee7327fcafecedc6a86991272

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 37119
cf-resized: internal=ok/h q=0 n=20 c=10+55 v=2022.10.4 l=37119
last-modified: Tue, 05 Jul 2022 13:27:26 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfR7NEXtLBWAcAzHluP6Am4A:e0a51ececd9ecf1c36eedf3abbb23cf5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90350fc3908b-FRA

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/ Frame 98EF 1 KB
455 B 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:20:41 GMT

GET
H3 200 txt2@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:13 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2605
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:13 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:13 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2903
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:13 GMT

GET
H3 200 disclaimer@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/disclaimer@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:13 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1713
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:13 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 2 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:20:41 GMT

GET
H3 200 bg2@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 32 KB
32 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg2@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:13 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32877
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:13 GMT

GET
H3 200 legals@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 98EF 6 KB
6 KB 12ms
11ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/legals@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:17:13 GMT
x-content-type-options: nosniff
age: 473826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6340
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 14:17:13 GMT

GET
H2 200 22952504_G.png
wdfx.images.worldnow.com/images/ 34 KB
34 KB 135ms
133ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/22952504_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673b562e94e3300d5b7b56d23b5efe8d020e4bf997c01d486032308a408ecad2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 34663
cf-resized: internal=ok/m q=0 n=140 c=6+86 v=2022.10.4 l=34663
last-modified: Wed, 06 Jul 2022 15:18:57 GMT
cf-bgj: imgq:73,h2pri
server: cloudflare
etag: "cfMDkd84C_MhkjRFN6ns2Epw:3236ecd8296782eb71f52d397b2a5af8"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9036b89b908b-FRA

GET
H2 200 22966030_G.png
wdfx.images.worldnow.com/images/ 68 KB
68 KB 128ms
127ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/22966030_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c0a369d1f53e9d9a1d269c92168a05605605e83c4030e50861ae42f45d2176

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 69262
cf-resized: internal=ok/r q=0 n=30 c=33 v=2022.8.4 l=69262
last-modified: Fri, 08 Jul 2022 15:57:07 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfuv67sSBDX8-H11BDNoAV3g:c181afbc7b4931129ed39ba4b40dbff1"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9036b89c908b-FRA

GET
H2 200 23010109_G.png
wdfx.images.worldnow.com/images/ 39 KB
40 KB 130ms
129ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/23010109_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff22f5016ae32a579105d44e94d8910dfa94de4f78690e713657f3db0238bc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 40296
cf-resized: internal=ok/h q=0 n=16 c=7+121 v=2022.10.4 l=40296
last-modified: Mon, 18 Jul 2022 15:04:41 GMT
cf-bgj: imgq:78,h2pri
server: cloudflare
etag: "cf8EBJmT53NC-5EDS0_TC4vw:eb658cff30664ae78e63e8b800c2598b"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9036b89e908b-FRA

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B7D9 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0wMO-_NBAPi7-s_MotASMK-JE34UDYDuO62HVoYhwX3Z7Ydv1mAR6F_imlhKgboV9yVXa9SqJs_2HL-RMzCJp17dkwxn0pMWlGgkpObPnwxO43ob3dP87YDKjoymOX58UnZq6CXQ&sai=AMfl-YRyFB1xL2WJ8umrYk0CgqE9WwjNfMGbk2KOicGu0gkDcUit_8UOBNshs3x4bXfebj-guDcYHNxgSeAhjasKa5D-AjoRmeWthp3ZIOycMaZuTSquRC-nzji4tZkawEX9LiI&sig=Cg0ArKJSzNQePHO_pg6CEAE&cid=CAASKORouu-GQ9jWO_6LMugzTCiCTmJtRc5of4SQpEHf6nacVWtFQQe149Y&id=lidar2&mcvt=1000&p=990,256,1080,984&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2107240&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666749258229&rpt=192&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5521 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=7e718cd7-d3b3-4aaf-34c8-f8543c444ef8&tv=%7Bc:s6VpuH,pingTime:-10,time:1649,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666749258446%7C%7C1df0e3acfec4f4478d9886dc84a1e8d6%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C439f33f22415f406e949c0955eae232e%7C%7C73f7fcd91a800e6167c184b332034a8b%7C%7C95395b26bf70030c0f9cc2dba2b7bf7c%7C%7Cc710f9228b1fe8141daa6711e93079a0%7C%7C8c4a62325ed65713acc2a3cabbdff826%7C%7C1663701684,sca:%7Bspg:6979b58d-6ac2-637f-76c8-5e014fd9271f%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:20 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 845 B
619 B 503ms
502ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36312

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2327df199a647818d5dc9942d279019364526c9cf8544385ea090208deb95538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 461
x-xss-protection: 1; mode=block
x-response-time: 376ms
server: cloudflare
etag: W/"34d-DXo76vfbqr3fT42YQg56tluOjXQ"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff903bb85c9a2d-FRA
expires: Wed, 26 Oct 2022 01:57:20 GMT

GET
H2 200 27_mostlycloudy_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
3 KB 115ms
115ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/27_mostlycloudy_night.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:20 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 16:10:12 GMT
server: cloudflare
x-amz-request-id: FF888945TZKXGH5X
etag: "c7510f3ec8473a041c7d6030355ac287"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff903bcf4190dc-FRA
content-length: 2470
x-amz-id-2: deCDKtnRQjOyHhi62REHNPSTm1XI5b6Zeg/GMJhif5w4lnaYxRVdFZ9eQbq6alcsGGJynhMD06o=
expires: Wed, 26 Oct 2022 05:54:20 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame AED7 0
229 B 27ms
10ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=489b9468101d49cfbb9ef8bd4c1ce15d&gdpr=&gdpr_consent=&vdur=208&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=104&tetms=6&msltms=20&vltms=208&sei=289&vetms=102&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8648&msrcannum=4&ismms=33&isumms=33&nvr=2&isgmmims=33&isgmv4mims=33&elmtp=3&isbxdms=3036&b0=3226&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3226&sftb=3226&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=32&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3333&cbust=1666749261494848
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:21 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/25/2022 01:54:21

GET
H2 200 19476097_G.png
wdfx.images.worldnow.com/images/ 963 KB
964 KB 122ms
122ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19476097_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9e40b3682589e214f920da9c0d8fef932ec1df16d69bdce9d3d49a9e9c166b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wdfxfox34.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:22 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 985853
cf-resized: internal=ok/m q=0 n=118 c=212 v=2022.9.6 l=985853
last-modified: Mon, 08 Jun 2020 15:04:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfy_twT_mVyUReXe05rZN_LQ:0fdf37cf3c8081d207780dfbb62fabaa"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90475aae908b-FRA

GET
H2 200 resources Show response
www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 854 B
614 B 399ms
398ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wdfxfox34.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=36330

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9afd891bbeb1f7675d308104248cc15462b99cd49900eea1384be25c8f986723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wdfxfox34.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 464
x-xss-protection: 1; mode=block
x-response-time: 257ms
server: cloudflare
etag: W/"356-LZHQzQb/RiLRTwTTVrTKJ/TavUA"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff904e7b369a2d-FRA
expires: Wed, 26 Oct 2022 01:57:23 GMT

Verdicts & Comments Add Verdict or Comment

387 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wdfxfox34.com/	1970-01-20 16:35:09	Name: _ga_6YXLQLNYFR Value: GS1.1.1666749256.1.0.1666749256.0.0.0
.wdfxfox34.com/	1970-01-20 16:35:09	Name: _ga Value: GA1.1.1873124982.1666749257
www.wdfxfox34.com/	1970-01-20 16:35:09	Name: _lang Value: en
.wdfxfox34.com/	1970-01-20 16:35:09	Name: _ga_frankly Value: GA1.2.1873124982.1666749257
.wdfxfox34.com/	1970-01-20 07:00:35	Name: _ga_frankly_gid Value: GA1.2.843262309.1666749257
.wdfxfox34.com/	1970-01-20 06:59:09	Name: _dc_gtm_UA-82494642-222 Value: 1
www.wdfxfox34.com/	1970-01-20 16:35:09	Name: _ga Value: GA1.1.1873124982.1666749257
www.wdfxfox34.com/	1970-01-20 07:00:35	Name: _gid Value: GA1.1.962486807.1666749257
.casalemedia.com/	1970-01-20 15:44:45	Name: CMID Value: Y1iTSTW6X7d1S7Aj-fJ.ewAA
.casalemedia.com/	1970-01-20 09:08:45	Name: CMPS Value: 3381
.casalemedia.com/	1970-01-20 09:08:45	Name: CMPRO Value: 3381
.adnxs.com/	1970-01-20 09:08:45	Name: uuid2 Value: 8889918388494612716
.doubleclick.net/	1970-01-20 16:20:45	Name: IDE Value: AHWqTUlQfR26XNW-pJrpZAVWbFCOLfFjALLcwcGA3UeyY228NEJnnMvH1kRdttwri2k
.wdfxfox34.com/	1970-01-20 16:20:45	Name: __gads Value: ID=8f6af64c808a331c-2233903c57ce0048:T=1666749257:S=ALNI_MZFfF2nSaj4sZYHczhRRj3OZOvlig
.wdfxfox34.com/	1970-01-20 16:20:45	Name: __gpi Value: UID=00000b7870f5c8f3:T=1666749257:RT=1666749257:S=ALNI_MZ_iI0fXDBqMPMq0ydiTW9FgiTayg
.adnxs.com/	1970-01-20 09:08:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'!r$jH7!]tbC8i_iqf!oN/@E'zz<Z0QKMS?GS5zIE'po0w@7DGs_HbBWY6wgg=#t?TD._*PlZ[C[-kX-4/)Mo
.3lift.com/	1970-01-20 09:08:45	Name: tluid Value: 3518757173908041394188
.travelaudience.com/	1970-01-20 16:29:23	Name: _tracker Value: %7B%22UUID%22%3A%22FD9C0E6B-07A0-427A-B118-1F1460D9A3B1%22%7D
.casalemedia.com/	1970-01-20 09:08:45	Name: CMTS Value: 5145
.yahoo.com/	1970-01-20 15:45:06	Name: A3 Value: d=AQABBEqTWGMCEJ2GvdnC2DWBtiHJuCb_q1MFEgEBAQHkWWNiYwAAAAAA_eMAAA&S=AQAAAjNbHY9OSpYZrHNv_PzaO58
.analytics.yahoo.com/	1970-01-20 15:44:45	Name: IDSYNC Value: 18yx~27xd
m.exactag.com/	1970-01-20 09:08:45	Name: exactag_new_gk Value: dbba27c3ce9a4aebbd4c4cca99024a4c%7C25.12.2022%2001%3A54%3A18
m.exactag.com/	1970-01-20 11:18:21	Name: exactag_new_uk Value: a91d7b31d4e64bf3bd0905cfc31cc02a%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 0740665b2ab048b9baf9e940
.tribalfusion.com/	1970-01-20 09:08:45	Name: ANON_ID Value: afnseFmge07ousnA7fvZaOK5hbZcu7V7iagQUTYJ2ae87JuAOjxUoT4ItBkjShLB25F65B3KRZatiypeHlMW3y6

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wdfx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wdfx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 25) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wdfx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wdfx.images.worldnow.com/interface/js/WNVideo.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ade.googlesyndication.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cntsyncont.images.worldnow.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb0644f769fc4b267bc2487d99a0708d.safeframe.googlesyndication.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
ftpcontent.worldnow.com
ftpcontent6.worldnow.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
m.exactag.com
maxcdn.bootstrapcdn.com
ngw-static.franklyinc.com
p.cityspark.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stacker.images.worldnow.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
wdfx.images.worldnow.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wdfxfox34.com
104.18.19.126
13.248.245.213
142.250.185.194
142.250.185.66
142.250.186.162
142.250.74.194
185.80.39.216
185.86.139.103
185.89.211.12
20.60.81.107
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
213.202.235.8
23.11.239.181
2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
2600:9000:214f:9a00:8:48e:53c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:271c
2606:4700:4400::6812:2862
2606:4700:4400::ac40:939e
2606:4700:4400::ac40:9409
2606:4700:4400::ac40:948a
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:bcf
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00::210:ba11
3.126.56.137
34.149.12.213
34.247.139.125
34.98.64.218
35.190.0.66
52.160.40.218
66.102.1.155
69.173.144.139
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7
026fb0433bda36da5bd8cff595b3038e678cfb223ac88d8e0574fe263842322b
0558b0023c1c4ef9ad3c1948f9cf1c889992b6038dc9dd482b75caad94339ad0
05dda2cb47317201eb228289f1316b7aa3803e8441a2a1d1d0374e4d52ebe642
065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
07c659dfc9a1b814dc3c5c6c4e7781dec352352f0975800f90c552b7bfbe27af
0b2803d3980b56c1a1868f7f1374850f2b6a2f9c514c6eed8dbc8b4b0200111c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bde350617f854641906a76f90a18eb9a882d9593fef80f234a2b49e59edfee3
0d6515fe299b835ae987c38bb0f26fc4ba8bd38d9d444c6a6aeb5fc4ee534277
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
166f9bd5d8c93bdfc91002d46927dc2b45fb013ce0ae5fcc09eef85bb52631b5
1b08ea0691a25a239e5db2b23367126dda0520d177e3209616e540fc01f5b10b
1c6dce761e72309f05b20d64d404ca9798d126f01de528969d0b37f546bcd319
1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb
22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd
2327df199a647818d5dc9942d279019364526c9cf8544385ea090208deb95538
2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268a44119513412fefb97a4886eb86bf19ae6f400d4bd9bf46dba25c439dd2d3
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71
2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f
3048149bb0d5ab4b5d709224e0216b715c7d0317a403a673408a915fde997477
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3649f22c1f7eff0a25bc399f1b176b4d419be577f48970432347be9ea84fd0a8
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3b69611a3f6276ad52ac009df849345ad392be2345b4a4a2838d77ce8a878607
3bc96bdb42eea0c082bdd8871ba75cc9ce6f0c26c866ad5ff87e6de7f73b9a33
3cd7482bf991eb7dc9fb12dcdac98dc8dde2ed1c80617eece7e00ced675b8d08
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4ca6d74cad633ecfab918aeba895c4ec22de204c136ddc7d9779d1a57ccd3b8b
4cc14d01a44646f6ba79e34ed0359b38d4a584055261f6327b052859b17927e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
56b446e5ef15f90b630f8ec1d3a2bd5be60d41104395d24e5f264ac161c05c94
57a62640952523260df08a98c8d7f794e2e9cb17d6d81f4a10cf3958237b628e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5986fbf89a06e3788ae62c05a8fbe38cac3034377a9602bdab3c651c7a19eb9e
5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71
5f80c5a66e08c5cbf80323292dc237ee1f74266629dcb384b6850d2a69573d37
60bb66a4066547ae8ab6db3ca66053088fd5b5215d6ced7acfe2bac1842b6327
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
6108e672fd64937f1093d2c8c3d65106ed2ff8d4f8d2dd6ab2ddf215d615f316
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52
646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
663dc441949fc1cfcf5f42f2ab5835e0438bcc11f304a62001b13c566ea1b7f4
673a628d04deb21b0ab7a9b2b87765a64766c897979cc1b3c89c8961c9d7db11
673b562e94e3300d5b7b56d23b5efe8d020e4bf997c01d486032308a408ecad2
68185fdaf9503460ff9b1fbbd0124feb9b8a982321382876310ce96b5e50d544
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca630acc442021067fcf0082bb1ab622587577f0f4b33257f45c925b1efcda8
70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2
75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756
77e38e70c5bbfbce6252896b6282550de04391bd6341899d4236a7714f9baef1
79b467191c78e7168dc4d9a184f2b017c326ea508f423dfa5911fa3077c7e8ec
7a22ca104d15f7192ab6db868568a7564c13fde3107393ddb51f2ea4a78c6bf9
7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6
7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d
8ff22f5016ae32a579105d44e94d8910dfa94de4f78690e713657f3db0238bc7
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
92c0a369d1f53e9d9a1d269c92168a05605605e83c4030e50861ae42f45d2176
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
960b94c60e7eb0308835eeb253ef5d0855aa219df2ac368dd664d0346234200e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afd891bbeb1f7675d308104248cc15462b99cd49900eea1384be25c8f986723
9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed
9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2697fa665e55ced77d318c8af7b007e53571873ea7efd8f2512d6fe3de5c8dd
a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a
a53d8b97447ba56135a6ca68959368a71468306d941c6c9a0b828b1f85cea44f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a760eac775225e6c4455d998c1e7b48e048c509ada10e4b52edc8e9e5b052e48
a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024
aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1
aba0898cc082764163436c0641733c4fef4b744ee7327fcafecedc6a86991272
ad9e40b3682589e214f920da9c0d8fef932ec1df16d69bdce9d3d49a9e9c166b
ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db
ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf
ae3d71e67516d2105e99b71b4ed39be30bc80b4bfb19c0332c649c1eb3f43822
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b861a73e5aa9c41b193d31ef1cea99461da1b289910b8abb99948af34288f461
b8ccda5a81c56c18831f5aa90492d71cdd5bcefe1b31cd24b5034bd95cb7f0f4
ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222
c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c4cf5d14169ced3930821323216932179f6c69401b252451b6a12e141e405a69
c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
cb22a1425e3813bc31425e0c35233761a4e4609ce50812465f9c648d6f3479f4
cb59e02698cc1d27d49dc4e4f8df20ec33edbfb31de8b1430eb0221dadeb568d
cc816dcbd0d2dc5933a188c0f874ef3698faf2055b31257a60d674ff3094f289
ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1
cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1aa5c86352e48d6415ab98b5bfc01024bd68462615cc0793d90aba2e07533ae
d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8
d6482868787584faf639dd9a889bf59012bc890d1d1db7eec589b4afbb4e62d3
d8ca934dc5cc18f06d110f6f7a82671a6a4c4654cddb6d12e6d3b6c8aeb4b244
da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1
dd738317b1a43be4bdb7da39911dc1e6daae5f6e487f88ed0e04c30bd9735a56
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
e089e65d86d82baee98dcfa88d998b57218e538b1e6e2af3ac7336e5a8872712
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6c14c611110d9ca3c61001034dbfb5fea2d805a618adc5ac173644f5bc1b681
e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e94ddde4f3df41ef02b08a889bb56fd90ad9470435159cc27f1bb9a1adf1017c
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab8d38393cfe438c6a278745e276e96b3eef3a288db972feb95530b24290a8
f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71503843ed1c9eb5a6c2cfb90eec64b87ac04228e9c064870f50135c0e3af3e
f895dfafbf53b8f5fa1b290299e57eb233447ccf2d6cdbcaac6049d54190de86
f9853e152259c3c56409fe66cf5be56a8c79e3275bb14ffffe05141e3fe764fc
fab29c6db78f7b0055ef867fd206334b8e1e8178acbb498e74c75bc928d77bc0
fcbcfeff401d0a746096a2276157f59c8a8f18283b54a48b36ba8e1652119f54
fe8437cd5a7ada22f5a5991fd0747060211bd514e36f6d41820a68c90c57c633

www.wdfxfox34.com Open in urlscan Pro 2606:4700:4400::ac40:9409 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

261 Requests

92 %HTTPS

59 %IPv6

32 Domains

55 Subdomains

45 IPs

8 Countries

7110 kBTransfer

17519 kBSize

25 Cookies

15 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wdfxfox34.com Open in urlscan Pro
2606:4700:4400::ac40:9409 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

92 %
HTTPS

59 %
IPv6

32
Domains

55
Subdomains

45
IPs

8
Countries

7110 kB
Transfer

17519 kB
Size

25
Cookies

261 HTTP transactions
8 data transactions