notfries.com Open in urlscan Pro
143.204.231.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://notfries.com/trending/celebrities-changing-looks-syn/
Submission: On July 04 via api (July 4th 2023, 5:30:30 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 22 domains to perform 80 HTTP transactions. The main IP is 143.204.231.3, located in United States and belongs to AMAZON-02, US. The main domain is notfries.com. The Cisco Umbrella rank of the primary domain is 236636.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 20th 2023. Valid for: a year.

This is the only time notfries.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	143.204.231.3 143.204.231.3	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:2113:7a00:1c:615b:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:217... 2600:9000:2171:6200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:0:19:4475:2ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.48.87.182 37.48.87.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:9000:248... 2600:9000:248c:d600:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:10:... 2606:4700:10::ac43:15e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:2117:5200:1f:4e6f:2e00:21	16509 (AMAZON-02) (AMAZON-02)
2	52.222.196.226 52.222.196.226	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:218... 2600:9000:218c:2400:1e:9fbe:1400:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
2	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	23.57.19.78 23.57.19.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.139.243.8 108.139.243.8	() ()
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.246.206.91 54.246.206.91	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:217... 2600:9000:2171:f200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25e... 2600:9000:25e9:b200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.78.23 18.196.78.23	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::6812:2bda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
80	34

1 143.204.231.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-3.cdg3.r.cloudfront.net

notfries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2113:7a00:1c:615b:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3lqr6uy4evi9q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2171:6200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:0:19:4475:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2zayfmz8ahvp7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.87.182 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

lu9xve2c97l898gjjxv4.notfries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:248c:d600:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:15e8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gtrack.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2117:5200:1f:4e6f:2e00:21 (United States)

ASN16509 (AMAZON-02, US)

dz3kk72128dko.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.196.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-196-226.cdg50.r.cloudfront.net

d1upt0rqzff34l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:218c:2400:1e:9fbe:1400:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2dfm87p04h1zk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.8 (United States)

ASN- ()
PTR: server-108-139-243-8.mxp63.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.206.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-206-91.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:f200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e9:b200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.78.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-78-23.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2bda (United States)

ASN13335 (CLOUDFLARENET, US)

static.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670 www.google.com — Cisco Umbrella Rank: 10	58 KB
10	cloudfront.net d3lqr6uy4evi9q.cloudfront.net d2zayfmz8ahvp7.cloudfront.net dz3kk72128dko.cloudfront.net d1upt0rqzff34l.cloudfront.net d2dfm87p04h1zk.cloudfront.net	720 KB
9	kueezrtb.com static.kueezrtb.com — Cisco Umbrella Rank: 25294 u.kueezrtb.com — Cisco Umbrella Rank: 31284 track.kueezrtb.com — Cisco Umbrella Rank: 16327 gtrack.kueezrtb.com	87 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 918 trc.taboola.com — Cisco Umbrella Rank: 634 trc-events.taboola.com — Cisco Umbrella Rank: 1860	252 KB
6	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3316 test.cmp.quantcast.com — Cisco Umbrella Rank: 10194 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12088	145 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3024 tr.outbrain.com — Cisco Umbrella Rank: 2773 wave.outbrain.com — Cisco Umbrella Rank: 5301	8 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	277 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	154 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353	63 KB
2	vidazoo.com static.vidazoo.com — Cisco Umbrella Rank: 2598	58 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4752	563 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 538	7 KB
2	notfries.com notfries.com — Cisco Umbrella Rank: 236636 lu9xve2c97l898gjjxv4.notfries.com — Cisco Umbrella Rank: 792505	79 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	463 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 405	303 B
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 4951	47 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808	25 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1443	17 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	242 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	underdog.media bid.underdog.media — Cisco Umbrella Rank: 15808	1 KB
80	22

	Domain	Requested by
13	fundingchoicesmessages.google.com	notfries.com
4	d2dfm87p04h1zk.cloudfront.net	notfries.com
4	www.googletagmanager.com	notfries.com www.googletagmanager.com
4	cmp.quantcast.com	notfries.com quantcast.mgr.consensu.org
3	gtrack.kueezrtb.com	notfries.com
3	track.kueezrtb.com	notfries.com
3	c.amazon-adsystem.com	notfries.com c.amazon-adsystem.com
3	cdn.taboola.com	notfries.com cdn.taboola.com
2	static.vidazoo.com	d1upt0rqzff34l.cloudfront.net static.vidazoo.com
2	trc-events.taboola.com	cdn.taboola.com
2	www.google.de	notfries.com
2	www.google.com	notfries.com
2	tr.outbrain.com	amplify.outbrain.com notfries.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	s.yimg.com	notfries.com s.yimg.com
2	d1upt0rqzff34l.cloudfront.net	notfries.com
2	dz3kk72128dko.cloudfront.net	notfries.com d2zayfmz8ahvp7.cloudfront.net
2	static.kueezrtb.com	notfries.com static.kueezrtb.com
2	securepubads.g.doubleclick.net	notfries.com securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com
1	gum.criteo.com	cdn.taboola.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	quantcast.mgr.consensu.org	cmp.quantcast.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	u.kueezrtb.com	static.kueezrtb.com
1	cdn.id5-sync.com	notfries.com
1	tags.crwdcntrl.net	notfries.com
1	secure.cdn.fastclick.net	notfries.com
1	wave.outbrain.com	amplify.outbrain.com
1	region1.google-analytics.com	www.googletagmanager.com
1	trc.taboola.com	cdn.taboola.com
1	www.facebook.com	notfries.com
1	amplify.outbrain.com	www.googletagmanager.com
1	bid.underdog.media	notfries.com
1	lu9xve2c97l898gjjxv4.notfries.com	notfries.com lu9xve2c97l898gjjxv4.notfries.com
1	d2zayfmz8ahvp7.cloudfront.net	notfries.com
1	d3lqr6uy4evi9q.cloudfront.net	notfries.com
1	notfries.com
80	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.fabcrunch.com

Subject Issuer	Validity	Valid
notfries.com Amazon RSA 2048 M02	`2023-02-20` - `2024-01-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cmp.quantcast.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
lu9xve2c97l898gjjxv4.notfries.com ZeroSSL RSA Domain Secure Site CA	`2023-04-25` - `2023-07-24`	3 months	crt.sh
underdog.media DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
kueezrtb.com GTS CA 1P5	`2023-06-22` - `2023-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-13` - `2023-07-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://notfries.com/trending/celebrities-changing-looks-syn/
Frame ID: 0610879B546BE2A6772B477C3D3CC373
Requests: 81 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

45+ Celebrities Who Spent a Fortune Changing Their Looks

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

80
Requests

99 %
HTTPS

64 %
IPv6

22
Domains

39
Subdomains

34
IPs

6
Countries

2012 kB
Transfer

6489 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Not-Fries-536463933934557/

Search URL Search Domain Scan URL

URL: https://www.fabcrunch.com/trending/celebrities-changing-looks/?utm_source=taboola
Title: Fabcrunch

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
notfries.com/trending/celebrities-changing-looks-syn/ 274 KB
73 KB 1208ms
1134ms Document
text/html 143.204.231.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.231.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-231-3.cdg3.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: eb30d640ae451dd7c92bcc97dc05c596cb5d5962fabdc702493ddd44994c9d51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=18000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Jul 2023 17:30:25 GMT
link: <https://notfries.com/wp-json/>; rel="https://api.w.org/" <https://notfries.com/?p=4288>; rel=shortlink
server: nginx/1.12.1
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
x-amz-cf-id: cW6XryTeHopz7-G-7rYNITMZhRTfB71SEr43e0px3MedrL9R3RVEnA==
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
x-country-code: DE
x-fastcgi-cache: MISS
x-pingback
x-ua-device: pc

GET
H2 200 Not-Fries-1.png
d3lqr6uy4evi9q.cloudfront.net/wp-content/uploads/2021/04/14090422/ 7 KB
8 KB 108ms
48ms Image
image/webp 2600:9000:2113:7a00:1c:615b:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3lqr6uy4evi9q.cloudfront.net/wp-content/uploads/2021/04/14090422/Not-Fries-1.png
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2113:7a00:1c:615b:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c07236b291a66fde5d434056c6f202a8229839a7f6c67362f57bef29e3938c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 22 May 2023 00:26:20 GMT
x-amz-version-id: 9VBDGFdXH88Nt6IQg.6ktO2mOO4F4Kp0
via: 1.1 866d9f0eb3772e2912781bd139212be2.cloudfront.net (CloudFront)
x-amz-request-id: T93F905DD3FX5NFQ
x-amz-cf-pop: CDG3-C1
age: 3776646
x-cache: Hit from cloudfront
content-length: 7496
x-amz-id-2: DsMxjgbEDuZr6LIYzegv8PA5bAJdBiKOeYIWZIeSQZhC9rjg43pG1idpbSvwlnyMVFspQLCqubijmTsOS7nCkIqkTvRhm1BO68i0NkqV3SY=
last-modified: Wed, 28 Jul 2021 10:44:39 GMT
server: AmazonS3
etag: "c7c591373d1c2b106061610750816367"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FewjP1qFdk8ofVJQdenhtWtxWTOeHsIXyQWsxVZuKFv3AFx6ZYA6Hg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 124ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46a65f8c7e226146dbfe52215ef072fec99d7b17129fd45e926204651a82815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26275
x-xss-protection: 0
server: cafe
etag: 292 / 19542 / 31075787 / config-hash: 16290895573865757289
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 17:30:25 GMT

GET
H2 200 pub-7353738824405897 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 64ms
35ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7353738824405897?ers=1

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db491bce8ac28ec9c242ec4d1d08ac33324cd57973ed109f7382a6d7c289d16c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-W-5UwYtAnda9l1m_RWwgPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-W-5UwYtAnda9l1m_RWwgPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/dLuY7G83Pq8Kj/www.notfries.com/ 9 KB
3 KB 469ms
360ms Script
application/javascript 2600:9000:2171:6200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/dLuY7G83Pq8Kj/www.notfries.com/choice.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85e6f2b9be0e6604fb6e4a6e9782232f1191b780ed305630ae0e540b7514885f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:27 GMT
content-encoding: br
via: 1.1 d4a6e22bfb276f18612ccc6f7763ed5e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 12:38:28 GMT
server: AmazonS3
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
etag: W/"84e539edbae8fb5477d5db3abe0747fb"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: uZwGJmnbPjxpoAGKird1J6EVs3QRi112Q2Ev3K-INtCDcwC_CoE-JQ==

GET
H2 200 tracker.js Show response
d2zayfmz8ahvp7.cloudfront.net/nf-dbae8f64-d116-48f2-b95e-9caf90a0393d/ 169 KB
50 KB 85ms
21ms Script
application/javascript 2600:9000:2304:0:19:4475:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zayfmz8ahvp7.cloudfront.net/nf-dbae8f64-d116-48f2-b95e-9caf90a0393d/tracker.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:0:19:4475:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c53e217c5ad3d2e55fb70f3c3c279c5e1eb9e32f8331a0d4720bfb214ee55bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: mrsBTRr6jtMUO8xmLMyDOt_FtssLtOE6
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
date: Tue, 04 Jul 2023 17:14:47 GMT
last-modified: Tue, 27 Jun 2023 13:45:11 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 1178
x-amz-server-side-encryption: AES256
etag: W/"c133fd3abe5d53d18cafcf1bbf6505ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 2ww44IWnxlt_vqgkjUe0PNAnPTMZuZkqlQ1b0sHtDxcdAGeVzkfY-g==

GET
H/1.1 200
OK uniclick.js Show response
lu9xve2c97l898gjjxv4.notfries.com/ 5 KB
5 KB 135ms
19ms Script
text/plain 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://lu9xve2c97l898gjjxv4.notfries.com/uniclick.js?attribution=firstclick&cookiedomain=&cookieduration=30&regviewonce=false
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: bffc974e244cf80e307eeebd9c606ab60e323323982ba5f039785321cb55508b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 04 Jul 2023 17:30:25 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 udm_tracker.js Show response
bid.underdog.media/ 1 KB
1 KB 94ms
18ms Script
application/x-javascript 2600:9000:248c:d600:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm_tracker.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:248c:d600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea72f637a3dd70370eb8585edf0376e3e22ccf662c13b50face5a866ca815de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:14:54 GMT
content-encoding: gzip
via: 1.1 15e6afc335dbbf726da2dd95038f862a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2016 22:19:08 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P1
age: 94532
etag: "053882241b1cdf24840f26ce79958539"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 764
x-amz-cf-id: Ohepw1pSbraLx1rq4uzBp6no61a68tyYk0IdB1SdhYsF1Q8OYBTGyg==

GET
H2 200 latest.js Show response
static.kueezrtb.com/ 257 B
680 B 49ms
17ms Script
application/javascript 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/latest.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8bd32342b76da9f3ee296fa3f2ef4a8945997a532de65a027cc4b20d5be89f

Request headers

Referer: https://notfries.com/
Origin: https://notfries.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 30VPSQZSAFNT7KF7
age: 115046
x-amz-id-2: BuDK/+1otqsWIbjllAguH60kpd0+0vi9q61H4QZ1yL/GCS/YSjE5zmLCAmv5m/E/93FM8j0WMCg=
last-modified: Sun, 26 Mar 2023 12:27:20 GMT
server: cloudflare
etag: W/"110a74acd7fdbc0c2a553dc3568785bf"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cache-control: max-age=31536000
cf-ray: 7e1918978ca79a1e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
61 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7FMDLQ

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62fddefd59db7b7d2821b09bddcfd653013b67e1ae0a88cfa2b8016749de7888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62408
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Jul 2023 17:30:25 GMT

POST
H2 200 / Show response
dz3kk72128dko.cloudfront.net/cm_minder_tracking/ 149 B
556 B 160ms
101ms XHR
text/html 2600:9000:2117:5200:1f:4e6f:2e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dz3kk72128dko.cloudfront.net/cm_minder_tracking/
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:5200:1f:4e6f:2e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: gunicorn /
Resource Hash: 3106baafe101b370a674e071effdfc6de0948f5bec120d66ffac5e2f3c5f8c6b

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
via: 1.1 50fe359d704e2db97a226367d34cf076.cloudfront.net (CloudFront)
server: gunicorn
x-amz-cf-pop: CDG50-C1
access-control-max-age: 21600
access-control-allow-methods: GET, OPTIONS, HEAD, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 149
x-amz-cf-id: MVcRmY9oadGJ0eD62hJi31sQnI5VyMN8e7aEfIa6E9wJC7EPhRysdw==

GET
H2 200 infinite-scroll-1-1-9.js Show response
d1upt0rqzff34l.cloudfront.net/infinite_scroll/ 43 KB
9 KB 81ms
17ms Script
text/javascript 52.222.196.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1upt0rqzff34l.cloudfront.net/infinite_scroll/infinite-scroll-1-1-9.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-226.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9430f4fc80ec3d3c487478e5fd9636b84df6c5822ec593ea7954dc9d524a3786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 06:25:08 GMT
content-encoding: gzip
via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
last-modified: Mon, 12 Jun 2023 11:46:09 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 39917
x-amz-server-side-encryption: AES256
etag: W/"5fb21b891dd2f62f8c3c362f10decaed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ZBkyGXg3P7lnxdF9HPfL1C6ONRRDshfWlOhwu5Ty8A2JWTzLBPSkDQ==

GET
H2 200 28.jpg
d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142839/ 118 KB
119 KB 109ms
41ms Image
image/webp 2600:9000:218c:2400:1e:9fbe:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142839/28.jpg
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:2400:1e:9fbe:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b88959d7dc34cc1341974836013047cc9ca5b66d6260d2eb2976b88e242ebf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 26 May 2023 04:43:35 GMT
x-amz-version-id: rEA46E.ZN6OjHizaDDB5_1Ika1d1Ou63
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-request-id: RMQZ24RTT6EECFDW
x-amz-cf-pop: CDG50-P1
age: 3415611
x-cache: Hit from cloudfront
content-length: 121196
x-amz-id-2: N4dmC98foBOIPr2kkdJxMX6Uci3g5dTuWxN4Zia1tgVQcYhoklfIxZH6re8MACRu2HKdl0/UCGE=
last-modified: Tue, 20 Sep 2022 14:28:43 GMT
server: AmazonS3
etag: "820676cd6b4163064c44e81592a613f7"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7Fo3NQdheIgZAi-9we93_s5FPgmlP0SSj4ARaHZtGSYItXOP7KPP7g==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1021215/ 90 KB
26 KB 45ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1021215/tfa.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 215f7430f19f827a59a6fa59221a2df0b028268fb0c398375160c6724ec6bbb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: dNAeK8pYkyp_e92np70NBEjIjOjnTYyv
content-encoding: gzip
via: 1.1 varnish
date: Tue, 04 Jul 2023 17:30:25 GMT
x-amz-request-id: EE84EANJ09HNPB3X
age: 33
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 25975
x-amz-id-2: HGsniEDhVrjBSpvvm25gMrQ1bpigbS05pf70NuoKbHIhcXTWM2o07/KnWse9Zs4Rg/NqlCKJ0eo=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Sun, 02 Jul 2023 11:11:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688491826.890821,VS0,VE3
etag: "5284ed53c4674496285f88862ed01bf3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/crunchmind-network/ 703 KB
62 KB 35ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/crunchmind-network/loader.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ef411999ee1c3ae72b6344500f55c6b9781869376887ca3c30179630f354688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rMsKN18MSLZ1GXh4DfZJa4dgdxuHggKi
content-encoding: gzip
via: 1.1 varnish
date: Tue, 04 Jul 2023 17:30:25 GMT
x-amz-request-id: 3WBXFHZ6VY826TPM
age: 31
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 62877
x-amz-id-2: TUib0uxkBjEnoDMUGx1QZTpD0Jrn6vt9PO+ARSo650eFKf3IqSUynDPWg8QX/4ZRJqKsRAdnlLc=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Mon, 03 Jul 2023 09:27:07 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688491826.891002,VS0,VE2
etag: "a0a72773a3d29752bfdc4ff0e5c59cf3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-602153588

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6190d86c4303ef10ef87ab4507ce1ccbeef00f74f143c689b9be8e39a77585c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70995
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Jul 2023 17:30:25 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 162ms
22ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:28:47 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 8ZJFF345G6Z220H0
age: 100
x-amz-server-side-encryption: AES256
x-amz-id-2: J7cO2+V5Frj2D4RoiuVGUppzBbPH32R0rRxXgQ6+TYeXTl2c31BWJ4U1PHODFlqLvoKRTfnOwiI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 prebid-1527060738.js Show response
d1upt0rqzff34l.cloudfront.net/NF/ 650 KB
196 KB 22ms
20ms Script
application/javascript 52.222.196.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1upt0rqzff34l.cloudfront.net/NF/prebid-1527060738.js?v=1
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-226.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74d8f47dc939708f670840e55d9c6df7e6740004a479fbab8d5287a45360ad91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 05:09:10 GMT
content-encoding: gzip
via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 11:46:26 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 44476
x-amz-server-side-encryption: AES256
etag: W/"7a83ac3082584b1bf61124955eff4ca3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Y-v8EHLg44WWLb5Epob3K1-dmTciJiuYyA65tDWB8Kunx2rzB5QM9w==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 52ms
11ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:24:03 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 383
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: mMWp3CARMnXKC2CEVa1aB5SiUcgxFMgFg1jV5yQYyaVhjal6H3ozLw==

GET
DATA 200
OK truncated
/ 191 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97b65c1796c217dc5f777d2df480ac5c3eb0701c98e9233e9ff1ef5171f6c08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 71ms
8ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FMDLQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4b8f2b177e73f0072f1c899e85882e5b8b72c4bfdec8e1d9d431b163079dc8d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 04 Jul 2023 17:30:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jun 2023 11:53:16 GMT
Server: AkamaiNetStorage
ETag: "afd3aec78079479ef637fa1e1a4ddf26:1687780675.57663"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7020
Expires: Tue, 04 Jul 2023 17:50:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1JZ77SVV6L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FMDLQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7187f26be6c5864e26711959336657253723f5a93b292a96e2286cbe944de74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Jul 2023 17:30:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-602153588&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FMDLQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a267b966a6b2802387a00f112cfd43f90c860c389c025b513d2420cd15af530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71040
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Jul 2023 17:30:25 GMT

GET
H2 200 42.jpg
d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142808/ 112 KB
112 KB 73ms
73ms Image
image/webp 2600:9000:218c:2400:1e:9fbe:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142808/42.jpg
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:2400:1e:9fbe:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45a6e2f90c6ca7ca372119346896d189825b2c032e7f34688d5ae1503146857d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:07:44 GMT
x-amz-version-id: emALn1jKr0NLCAE0HukAvCIMvSbPHIg9
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-request-id: 3AKDMHJ1P04JZDRE
x-amz-cf-pop: CDG50-P1
age: 3774162
x-cache: Hit from cloudfront
content-length: 114284
x-amz-id-2: WmjNMig5WKmDtfvp1fO/z2EV2NanQwl9iDvZq/a++fa7zlVgEU0IWrIUwB2csxlt+BcUnGOBZos=
last-modified: Tue, 20 Sep 2022 14:28:12 GMT
server: AmazonS3
etag: "7c2b08e95ac6028afa77cab994e73a2f"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Z0doP9Qs15mYv8pJzJkloWXTt5yrkzXm6Fm0-KsBtk7WU1Al_nV-yQ==

GET
H2 200 110.jpg
d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142803/ 152 KB
153 KB 91ms
90ms Image
image/webp 2600:9000:218c:2400:1e:9fbe:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142803/110.jpg
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:2400:1e:9fbe:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd705474a5d0af5981c8f54ba49ab48d1774a67b29064df01df62acc3b2650a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 11 May 2023 00:57:51 GMT
x-amz-version-id: J2dHVNss5XKp9khzK0KjMkemmIksGbJL
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-request-id: Z7S4SZA0YKA0VSMF
x-amz-cf-pop: CDG50-P1
age: 4725155
x-cache: Hit from cloudfront
content-length: 155694
x-amz-id-2: d44MviB1+uUvBmzfuHG9SmuW6nLkl+YulayK3zF/ZymU/505xX6+b6NowTNU1wSFTvUWguO+Wnxo/UQXTN6BcQ==
last-modified: Tue, 20 Sep 2022 14:28:07 GMT
server: AmazonS3
etag: "fdb134f9b908b87b5b273835c7324e8b"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QleXAgIL8LODlORNT4_rEtAIghNL-lBD9kw0MY9ZhZoPJ58DYHwbAg==

GET
H2 200 51.jpg
d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142809/ 73 KB
73 KB 83ms
83ms Image
image/webp 2600:9000:218c:2400:1e:9fbe:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2dfm87p04h1zk.cloudfront.net/wp-content/uploads/2022/09/20142809/51.jpg
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:2400:1e:9fbe:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca0faf9b67d90392fc162a99240cc03d7b92ad4146ec2c8aad5aed47174f8a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:35:59 GMT
x-amz-version-id: GKfK0VLPHlukj6MmPGgC7m_r30RzUpzY
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-request-id: C7HA4DEBGB9B5RBC
x-amz-cf-pop: CDG50-P1
age: 4121667
x-cache: Hit from cloudfront
content-length: 74436
x-amz-id-2: nGmMO+PNKmGomJ9jD12/fXa7GZCNa0uJPc0XWpaLwQw74OwF8WyjpHWdDmOwRGqfwgxA1l7NnJE=
last-modified: Tue, 20 Sep 2022 14:28:13 GMT
server: AmazonS3
etag: "8f059ade151cacc7e584f811715a33f5"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 34X1zSYcuZaZ81glU5-35u21pOqON4NB8gFgb4q-N5SsZr7eVm3zKQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075787

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 16:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3249
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 03 Jul 2024 16:36:16 GMT

POST
H2 200 / Show response
dz3kk72128dko.cloudfront.net/cm_minder_tracking/ 156 B
562 B 109ms
108ms XHR
text/html 2600:9000:2117:5200:1f:4e6f:2e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dz3kk72128dko.cloudfront.net/cm_minder_tracking/
Requested by: Host: d2zayfmz8ahvp7.cloudfront.net
URL: https://d2zayfmz8ahvp7.cloudfront.net/nf-dbae8f64-d116-48f2-b95e-9caf90a0393d/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:5200:1f:4e6f:2e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: gunicorn /
Resource Hash: 9fcbbba4ebb561fea43f9a465b6e3aafbd5a50a1e51a7e8814dfe03eddb90f3d

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
via: 1.1 50fe359d704e2db97a226367d34cf076.cloudfront.net (CloudFront)
server: gunicorn
x-amz-cf-pop: CDG50-C1
access-control-max-age: 21600
access-control-allow-methods: HEAD, GET, OPTIONS, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 156
x-amz-cf-id: 58tcjGAf6q06pcNcDTi3KFA-bqYrrhngg8HiSp2jnkPKCxkZAcTkBA==

GET
H2 200 tr
www.facebook.com/ 0
185 B 31ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=2297731100247158&ev=PageView&noscript=1

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Jul 2023 17:30:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/1021215/trc/3/ 2 KB
2 KB 44ms
27ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1021215/trc/3/json?tim=1688491826002&data=%7B%22id%22%3A432%2C%22ii%22%3A%22%2Ftrending%2Fcelebrities-changing-looks-syn%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1688491825980%2C%22cv%22%3A%2220230702-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcrunchmind-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1688491826001%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F%22%2C%22tos%22%3A20%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1021215/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd5c90d54de0336f121cb7c663a1b1090a55fb8ad3c1179d664923a808713aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Tue, 04 Jul 2023 17:30:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7669
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230063-FRA
server: nginx
x-timer: S1688491826.022514,VS0,VE20
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/602153588/ 3 KB
2 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/602153588/?random=1688491826015&cv=11&fst=1688491826015&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&hn=www.googleadservices.com&frm=0&tiba=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&us_privacy=error&auid=351102440.1688491826&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-602153588&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f11350f1ef2647417b79f8eea78defdedfb96420ab0074ce3176d81d88a150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20230702-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 784 KB
163 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230702-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/crunchmind-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 713c1febf6652315a352173ca5d8b84c2360a8581de2b966edb09c2cb92c48f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: c2ylfPoDZp3jnzZXBwwN81L6rXDdm0Qw
content-encoding: br
via: 1.1 varnish
date: Tue, 04 Jul 2023 17:30:26 GMT
x-amz-request-id: GM2KZXWSVJPE9QPC
age: 28425
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166013
x-amz-id-2: o0sTp/iotV/rYTE4jIlCCSiyiqYxYTmYH9ao7vkhPaJ0RKZlKGk7D/MJCawZR9ctJNiP9BIiay4=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Sun, 02 Jul 2023 09:28:56 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688491826.054507,VS0,VE0
etag: "2ecbba8c7a0f1c2a29795dd93a595afe"
vary: Accept-Encoding
content-type: application/javascript
abp: 98
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 94339

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 44ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1JZ77SVV6L&gtm=45je36s0&_p=1085693037&cid=1678130367.1688491826&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688491826&sct=1&seg=0&dl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&dt=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JZ77SVV6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notfries.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
lu9xve2c97l898gjjxv4.notfries.com/ 0
0

GET
H2 200 latest.js Show response
static.kueezrtb.com/js/ 201 KB
86 KB 41ms
23ms Script
application/javascript 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/js/latest.js?_=1688491826076
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563b6254e69fb2c284e3bf69178bb83324b83d0acee3bbac4a7d35b931bbe08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2023 09:24:28 GMT
server: cloudflare
x-amz-request-id: S8HQ3NC6ZAPHXPJ0
age: 115388
etag: W/"9e44fba5bb8da1b6dec7cad6df9b585c"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7e1918991adc2c4e-FRA
x-amz-id-2: KM5DvrOnLVOvbNSc2fouOiOnJ7N5Cvdfem/yyVXQmVaRalduL9S5KVduYPIbnD1vVX+DT45q+IA=

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 391ms
92ms Script
application/javascript 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00469fd161adcdd7d7ad24a541e5cfd5a7,0028e90743984e005c483b41957154912f,%2000d29ec51d69467722416a5b7826381ba1,%2000363edd9fb4d1d9dee70c57f6fe5c3de0,%20005ebb204af56d595ea6a43361d8c8171c,%20002769b1f2fcfa63f219f324fe15697a3c,%20007413bf9543d4a41d9b734d4e0962d8b5,%20002d557a18b898f15b241470f122248d84,%20008f515039fcd35c9eac107c8042c939d1,%20009fb30638d4123073641afb537df39454,%20009553cd6db27036e01f708c24c97eb903,%20000c9e53feccdd0edc3ff2d432a52a7354,%2000060ee40abc4e1648275bcb5846ef73e5,%200095dcf5f59f88ea6d927aa99078a46293,%20008be26f322f061bc083bc13603c2bb195,%2000039cb6cbdb6036668c6293545f52cb54,%2000403243aa4601d4519bed326fd5a94a4f,%200000fad228f54463d7b8616bb3d4aa5918,%200061d90b9b29422cbfaf2cd2873c8691ef,%20002df01fa712fd660f9f99c35f9aa7bc3d,%200031910f1813fa8b2a57125ff7fcb2ab27,%2000fcdf3d5007106014db1efaf25d3f839d,%2000a6ab0332c2749fb764bff5b471278b69
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 04 Jul 2023 17:30:26 GMT
X-TraceId: 500905324179e98b18f035ab4215bcc5
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 504
Gateway Time-out 00469fd161adcdd7d7ad24a541e5cfd5a7
wave.outbrain.com/mtWavesBundler/handler/ 0
0 46ms
7ms Script
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00469fd161adcdd7d7ad24a541e5cfd5a7
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 10ms
10ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnotfries.com&pubid=97ffba2c-b3ce-4eed-a256-16877174179b
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 10c39b67ec506bf07df99ea82dc06bca091441bb675259bcec8078c43da81933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 12:03:25 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 19620
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://notfries.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1525
x-amz-cf-id: iLp4dfj8a6g8h_zVWvSQMB4HWjU1edRm5ClssGlX5epAWSfPQPfSMQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
8ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
date: Tue, 04 Jul 2023 06:11:13 GMT
x-amz-cf-pop: FRA2-C1
age: 43198
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2SHX3M2RLqxGBpZImcVVWL58dpvhhIqH7TjBiq6QLUzBsAlI8u-oNQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/602153588/ 42 B
455 B 43ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/602153588/?random=1688491826015&cv=11&fst=1688490000000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&frm=0&tiba=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2400880452&rmt_tld=0&ipr=y

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/602153588/ 42 B
455 B 64ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/602153588/?random=1688491826015&cv=11&fst=1688490000000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&frm=0&tiba=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2400880452&rmt_tld=1&ipr=y

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10007617.json Show response
s.yimg.com/wi/config/ 46 B
679 B 220ms
178ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10007617.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d4422d3c98e3106dc6516de0f1c02ba5a73ac3f3cee4ed95a3de65a7a1bdd1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:27 GMT
x-amz-version-id: WJuXu5r0PnEHNSgLZZT7U6sOOJ9fTVYF
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 8SX6ZPC71AW8SH74
age: 0
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: Q8FCHKJAT8PPYb3cpuiTKD+05xAq4pwfulTOBpk9jhxo0hDRjLUEThhgIBsK1CbswRQvWke0waU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 05 Aug 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 01 Jul 2023 15:56:26 GMT
server: ATS
etag: "1f21b8d73b58e30e376ed508feda640d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 93ms
29ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 04 Jul 2023 17:45:26 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 38 KB
12 KB 68ms
20ms Script
text/javascript 108.139.243.8

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.8 , United States, ASN (),
Reverse DNS: server-108-139-243-8.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 8a18f55d51efc3ad7cf529879a3478f4.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:15 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P3
age: 43817
x-amz-server-side-encryption: AES256
etag: W/"560498a44e7d42477433425cdafd6a16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Yq7IriFXQNh6JdhB56r1HnDQ6cGUOmFFpwqTqbjkKVbcFGaxvfdUkw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 47ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: D2X6DF7ATZPYTGQG
age: 242
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e191899e84c6940-FRA
x-amz-id-2: OVinct3xhDAIKwiVr67tGL3lwTch/pIHG2WDbU2H4Ihvr8233IlGAZQ6O/pQZg45mOWY8AFO+eg=

GET
H2 200 fpd Show response
u.kueezrtb.com/ 72 B
183 B 120ms
102ms XHR
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u.kueezrtb.com/fpd?_=1688491826254&yv=26a0665
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/js/latest.js?_=1688491826076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca4570c433c15920d3ccc9b8143d09c59987df5ab1e83217388bf2037f52d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 Jul 2023 17:30:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189a387f9a1e-FRA
content-length: 97

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 119ms
110ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=2b876c7cb63ab1d7&sid=25b2a36fac43147e&pvi=329719761dd35f05&h=notfries.com&wh=1600x1200&b=Chrome&bv=114.0.5735.198&dev=&os=Windows%2010&p=&uri=%2Ftrending%2Fcelebrities-changing-looks-syn%2F&furl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&sr=1600x1200&type=latest:init&_=1688491826253
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189a2c6b2c4e-FRA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 143ms
134ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=2b876c7cb63ab1d7&sid=25b2a36fac43147e&pvi=329719761dd35f05&h=notfries.com&wh=1600x1200&b=Chrome&bv=114.0.5735.198&dev=&os=Windows%2010&p=&uri=%2Ftrending%2Fcelebrities-changing-looks-syn%2F&furl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&sr=1600x1200&type=latest:init&_=1688491826253
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189a2c672c4e-FRA

GET
H2 204 dye
track.kueezrtb.com/ 0
38 B 114ms
106ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=2b876c7cb63ab1d7&sid=25b2a36fac43147e&pvi=329719761dd35f05&h=notfries.com&wh=1600x1200&b=Chrome&bv=114.0.5735.198&dev=&os=Windows%2010&p=&uri=%2Ftrending%2Fcelebrities-changing-looks-syn%2F&furl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&sr=1600x1200&type=latest:fpdr&_=1688491826254
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189a2c6c2c4e-FRA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 139ms
130ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=2b876c7cb63ab1d7&sid=25b2a36fac43147e&pvi=329719761dd35f05&h=notfries.com&wh=1600x1200&b=Chrome&bv=114.0.5735.198&dev=&os=Windows%2010&p=&uri=%2Ftrending%2Fcelebrities-changing-looks-syn%2F&furl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&sr=1600x1200&type=latest:fpdr&_=1688491826254
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189a2c692c4e-FRA

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 110ms
31ms XHR
application/json 54.246.206.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.206.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-206-91.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c7a96024f43ca102145bf145c7aec3b46bd7822a9e78c7e7d09cdd635e2176d1

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://notfries.com
cache-control: no-cache
x-server: 10.45.23.215
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/47/ 178 KB
47 KB 57ms
19ms Script
text/javascript 2600:9000:2171:f200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/47/cmp2.js?referer=www.notfries.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/dLuY7G83Pq8Kj/www.notfries.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:f200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 08:07:03 GMT
content-encoding: gzip
via: 1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 33864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 14:04:01 GMT
server: AmazonS3
etag: W/"f95487cc7143663d91de3ec4a26c4beb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: 0D5D-4PWNeM2uIdqOWrxS6FYsF95anmniKeuScM28ugawCGuEsG7Ig==

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 87ms
18ms XHR
application/json 2600:9000:25e9:b200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/47/cmp2.js?referer=www.notfries.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e9:b200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2af829cf137a36f0f8c8cb211a670fbc318b5ab7558129c180108c372f6a67a

Request headers

Accept: application/json, text/plain, */*
Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 03:00:42 GMT
x-amz-version-id: hA2XCaIOlmaZPc0Ss3Dtm8WRHfKsPaXx
content-encoding: gzip
via: 1.1 8658ad5cea5eec111b2c1a690caa2eda.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P1
age: 52185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 28 Jun 2023 19:52:29 GMT
server: AmazonS3
etag: W/"d33696a1c604f10186cbfd928cc014ee"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: U819j5eoTtdzqiK8gxcQJeFOaO4TDdiNc821tQ2EtUE_PgxjoMxZ1Q==

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 105ms
105ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=2b876c7cb63ab1d7&sid=25b2a36fac43147e&pvi=329719761dd35f05&h=notfries.com&wh=1600x1200&b=Chrome&bv=114.0.5735.198&dev=&os=Windows%2010&p=&uri=%2Ftrending%2Fcelebrities-changing-looks-syn%2F&furl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&sr=1600x1200&type=latest:fpdrd&_=1688491826403
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189b0da02c4e-FRA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 129ms
128ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=2b876c7cb63ab1d7&sid=25b2a36fac43147e&pvi=329719761dd35f05&h=notfries.com&wh=1600x1200&b=Chrome&bv=114.0.5735.198&dev=&os=Windows%2010&p=&uri=%2Ftrending%2Fcelebrities-changing-looks-syn%2F&furl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&sr=1600x1200&type=latest:fpdrd&_=1688491826403
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e19189b0da22c4e-FRA

POST
H3 204 AGSKWxU8h-wjoIYnSPeGucs-tbmPHIKL-3GWpf6HUxmqLUjRzrj57CyxLehz5Gfe3SqsGNNIeiUC8Ps3KsTpviriekc= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
23ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU8h-wjoIYnSPeGucs-tbmPHIKL-3GWpf6HUxmqLUjRzrj57CyxLehz5Gfe3SqsGNNIeiUC8Ps3KsTpviriekc=?pvid=EA984895-228D-48F8-BC38-2C23FE651DC7

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.s_Q7BIr4kSI.es5.O/d=1/rs=AJlcJMwX0nD7VFrDSO2JXGbSdZmU4e0a0g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zt5BdDt7lJ2jJL6z6XCsCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-Zt5BdDt7lJ2jJL6z6XCsCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notfries.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUKgN8hrqRRsPV8tsvNrI_q3rEZvmXZ1UlIXxy3VzVNjvrFZW8aGVmqMr0oSpeAsS9FtejQFZpKWAX3ALtT79M= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUKgN8hrqRRsPV8tsvNrI_q3rEZvmXZ1UlIXxy3VzVNjvrFZW8aGVmqMr0oSpeAsS9FtejQFZpKWAX3ALtT79M=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg4NDkxODI2LDQ2OTAwMDAwMF0sIkVBOTg0ODk1LTIyOEQtNDhGOC1CQzM4LTJDMjNGRTY1MURDNyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbm90ZnJpZXMuY29tL3RyZW5kaW5nL2NlbGVicml0aWVzLWNoYW5naW5nLWxvb2tzLXN5bi8iLG51bGwsW1s4LCJzX1E3QklyNGtTSSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxMyJdLFsxMSwiW1tdLFtcIjY5MDEyODYxMzAwODk1MDEzNDJcIl0sW11dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

034857c45b2029ce126e713cbc019daa662281d7103d623c07bbf20795db8913

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ToL0sStV_cV-ewQdiAFOrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ToL0sStV_cV-ewQdiAFOrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/47/ 248 KB
61 KB 20ms
20ms Script
text/javascript 2600:9000:2171:6200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/47/cmp2.js?referer=www.notfries.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:44:24 GMT
content-encoding: br
via: 1.1 d4a6e22bfb276f18612ccc6f7763ed5e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 92763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 14:04:10 GMT
server: AmazonS3
etag: W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: uOyYAxiTqh8ho1OTrnLzfI9vcZDpMUJ5EvObZhUpAP2TFaEdX_roug==

GET
H2 200 vendor-list-trimmed-v1-tmp.json Show response
cmp.quantcast.com/GVL-v2/ 353 KB
43 KB 55ms
20ms XHR
application/json 2600:9000:2171:6200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1-tmp.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/47/cmp2.js?referer=www.notfries.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 03:00:42 GMT
content-encoding: br
via: 1.1 9551d2053009d30092446f10802ce2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 52185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 13:17:10 GMT
server: AmazonS3
etag: W/"3bbcdaed7cdab54742c76eb6b3acaff4"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: CaWB_IrcPvpVoTkD_2_r9MQlTKIOdLs1ex8eRzF6glsypU0yGIA_Zg==

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 134ms
88ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=017302190399399486&referrer=&cht=tcf&marketerId=00469fd161adcdd7d7ad24a541e5cfd5a7%2C0028e90743984e005c483b41957154912f%2C%2000d29ec51d69467722416a5b7826381ba1%2C%2000363edd9fb4d1d9dee70c57f6fe5c3de0%2C%20005ebb204af56d595ea6a43361d8c8171c%2C%20002769b1f2fcfa63f219f324fe15697a3c%2C%20007413bf9543d4a41d9b734d4e0962d8b5%2C%20002d557a18b898f15b241470f122248d84%2C%20008f515039fcd35c9eac107c8042c939d1%2C%20009fb30638d4123073641afb537df39454%2C%20009553cd6db27036e01f708c24c97eb903%2C%20000c9e53feccdd0edc3ff2d432a52a7354%2C%2000060ee40abc4e1648275bcb5846ef73e5%2C%200095dcf5f59f88ea6d927aa99078a46293%2C%20008be26f322f061bc083bc13603c2bb195%2C%2000039cb6cbdb6036668c6293545f52cb54%2C%2000403243aa4601d4519bed326fd5a94a4f%2C%200000fad228f54463d7b8616bb3d4aa5918%2C%200061d90b9b29422cbfaf2cd2873c8691ef%2C%20002df01fa712fd660f9f99c35f9aa7bc3d%2C%200031910f1813fa8b2a57125ff7fcb2ab27%2C%2000fcdf3d5007106014db1efaf25d3f839d%2C%2000a6ab0332c2749fb764bff5b471278b69&name=PAGE_VIEW&dl=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: notfries.com
URL: https://notfries.com/trending/celebrities-changing-looks-syn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/trending/celebrities-changing-looks-syn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 04 Jul 2023 17:30:26 GMT
Cache-Control: no-cache
X-TraceId: e7ccd0fec1f77ebc5aac45363378469f
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
35 KB 72ms
37ms XHR
application/json 2600:9000:2171:6200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/47/cmp2.js?referer=www.notfries.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 03:00:29 GMT
content-encoding: br
via: 1.1 9551d2053009d30092446f10802ce2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
age: 52197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Jul 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Tcfi_XOgykrYZ8GkkZkRQXI948033Lj07Ub3QbP4o5SApU7tDQD2pw==

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 67ms
8ms XHR
text/plain 18.196.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22dLuY7G83Pq8Kj%22%2C%22domain%22%3A%22notfries.com%22%2C%22publisher%22%3A%22notFries%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22qZywudfTKDeNOEff4zE9XQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1688491826543%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-rzlqkpv0c550cijno655%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.78.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-78-23.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 Jul 2023 17:30:26 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
303 B 58ms
14ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230702-3-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 241272
expires: 60

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 55ms
55ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.057746481499813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0eROLv7zmhHu-AkdV-BM4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0eROLv7zmhHu-AkdV-BM4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 24ms
23ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.8236706561952396

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BbG9HGNiUlfSWBvEkPywCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BbG9HGNiUlfSWBvEkPywCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 29ms
28ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_abPanGAZexupnFijeGK-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_abPanGAZexupnFijeGK-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://notfries.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1021215/log/3/ 0
244 B 107ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1021215/log/3/unip?en=pre_d_eng_tb&tos=1663&scd=0&ssd=1&est=1688491825982&ver=36&isls=true&src=i&invt=1500&msa=90993&rv=1&tim=1688491827644&vi=1688491825980&ri=d17da66cb1c3d2f809f7e11736804bdd&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1021215/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://notfries.com
pragma: no-cache
date: Tue, 04 Jul 2023 17:30:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 ad_600x160_=adscripts& Show response
fundingchoicesmessages.google.com/f/AGSKWxVHcXaxZn_2LuFMF0PAh0OdDFTVCSWo73RSfbxCh_KlkpO5LfkQ2YuxALE1LSTNA-BlBkLEJ3xQlDXJvCoI6L7GBED9m8AFokGMne-Qhcvb3nL3qAKIBaogi3yivC9DPnoPrphd0xSf-aIxowN1XlIyaILw-... 54 B
109 B 23ms
23ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVHcXaxZn_2LuFMF0PAh0OdDFTVCSWo73RSfbxCh_KlkpO5LfkQ2YuxALE1LSTNA-BlBkLEJ3xQlDXJvCoI6L7GBED9m8AFokGMne-Qhcvb3nL3qAKIBaogi3yivC9DPnoPrphd0xSf-aIxowN1XlIyaILw-Aqy2qHMBKf33ot0zoa7wP30QgbsEgVh/_/ero-1./adv/banner_/newAdsScript./ad_600x160_=adscripts&

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.s_Q7BIr4kSI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwX0nD7VFrDSO2JXGbSdZmU4e0a0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3989470f8a9009cc5c431d46748957c133e89e6ad01388cb4ed0346326288f6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vveRtdX-mzUhf690s3KGSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-vveRtdX-mzUhf690s3KGSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
463 B 60ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 16:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 17:34:58 GMT

POST
H3 204 AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
20ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sr8oXzgtCsXwXHB7OOJeYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sr8oXzgtCsXwXHB7OOJeYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notfries.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 21ms
21ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yCLs_0PKXeS6FpkmBhB3Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yCLs_0PKXeS6FpkmBhB3Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notfries.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9zfAQhJ0TzP4lf13KlZ9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9zfAQhJ0TzP4lf13KlZ9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://notfries.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
20ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNSc5T3C7tQ-mx13LRRH0RdN3fr94CW1iFWXH_vccHcGlJ-TscgfYMQtSBEM_AzG61ZsJn9ct2RPqgt8-3-2xsKB-kyw_X10MjA6T5QYKRsssONZ2IkPmb_ZaX7Z2r5UzqOPTrCw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1zSW8atsCTMiNFDtVZo4Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1zSW8atsCTMiNFDtVZo4Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notfries.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWpMFIQxVqJJ7IPKqsyMC-6a4zNqUQh0frFqRFQeRmzK4FI90p1lgyog9YwnWSZ9R1LAVrZE1kIhrGvXLf9zRRYzC04NT9TiO7VgH-_502QB3Nv3iYuKXQ5fQ_vrma4bHgFXErN2A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
91ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWpMFIQxVqJJ7IPKqsyMC-6a4zNqUQh0frFqRFQeRmzK4FI90p1lgyog9YwnWSZ9R1LAVrZE1kIhrGvXLf9zRRYzC04NT9TiO7VgH-_502QB3Nv3iYuKXQ5fQ_vrma4bHgFXErN2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg4NDkxODI4LDI0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbm90ZnJpZXMuY29tL3RyZW5kaW5nL2NlbGVicml0aWVzLWNoYW5naW5nLWxvb2tzLXN5bi8iLG51bGwsW1s4LCJzX1E3QklyNGtTSSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxMyJdLFsxMSwiW1tdLFtcIjY5MDEyODYxMzAwODk1MDEzNDJcIl0sW11dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5015c70a1d0b9d48736fc17a65a3b86e06613363e5ebf754705e066a660b2a2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5lT3_ck22rKYMT9AmsjPSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-5lT3_ck22rKYMT9AmsjPSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVt3wmK6-CLOl3hXbo3jrjwXU3ozLbu89iEm_vjwdwRSdPoaJckn-ToD5xyezlODR4w-ia6NiihOKv7ABF_uk7120GEyPL2aIGidnzIfBr3whx-QbDjynG5zjd1DzvATc4Q5gt4Hg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 19ms
19ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVt3wmK6-CLOl3hXbo3jrjwXU3ozLbu89iEm_vjwdwRSdPoaJckn-ToD5xyezlODR4w-ia6NiihOKv7ABF_uk7120GEyPL2aIGidnzIfBr3whx-QbDjynG5zjd1DzvATc4Q5gt4Hg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-esl-VeW0eGm8l611PR3-hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notfries.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jul 2023 17:30:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-esl-VeW0eGm8l611PR3-hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://notfries.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/602153588/ 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/602153588/?random=1688491829124&cv=11&fst=1688491829124&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&hn=www.googleadservices.com&frm=0&tiba=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&us_privacy=error&auid=351102440.1688491826&uamb=0&uaw=0&data=event%3DPV0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-602153588&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

217545ad1d00b52ba4809b436ad6a3424797c1e7617812c2a87c82eaf572b44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vwpt.js Show response
static.vidazoo.com/basev/ 226 KB
55 KB 61ms
17ms Script
application/javascript 2606:4700:4400::6812:2bda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/vwpt.js
Requested by: Host: d1upt0rqzff34l.cloudfront.net
URL: https://d1upt0rqzff34l.cloudfront.net/infinite_scroll/infinite-scroll-1-1-9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e01ea08ee3dc37382d7fa9f53f434ef2bd4ccf9925123076f115e1871faa97f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:29 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 0XE5ASS6FD5VKR3X
age: 19044
x-amz-server-side-encryption: AES256
content-length: 55553
x-amz-id-2: SGyiK0iTcZ0drkV3lVKkolZ9uiha7af+Ed8oX4GPqn1T5TxPslzvfUCZzSe8F0eI0TfQxo/tigc=
last-modified: Mon, 03 Jul 2023 12:13:02 GMT
server: cloudflare
etag: "ad0fc513e9e15ab47ea4101ebaafda20"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e1918ac5f6d5c92-FRA
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires: Wed, 05 Jul 2023 17:30:29 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/602153588/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/602153588/?random=1688491829124&cv=11&fst=1688490000000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&frm=0&tiba=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&data=event%3DPV0&fmt=3&is_vtc=1&random=1024770246&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/602153588/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/602153588/?random=1688491829124&cv=11&fst=1688490000000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F&frm=0&tiba=45%2B%20Celebrities%20Who%20Spent%20a%20Fortune%20Changing%20Their%20Looks&data=event%3DPV0&fmt=3&is_vtc=1&random=1024770246&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jul 2023 17:30:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tcf.js Show response
static.vidazoo.com/basev/tcf/1.0.1/ 7 KB
3 KB 18ms
17ms Script
application/javascript 2606:4700:4400::6812:2bda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/tcf/1.0.1/tcf.js
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a640f2ca97021053e13798a973e1ad440d808bb7ef0084001e17d251131c48e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:30:29 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RPQF7RV3WDHF5H8B
age: 17128
x-amz-server-side-encryption: AES256
content-length: 2412
x-amz-id-2: CwlhIyWGECsHgzk+gGVgNY+sc6DQoZOw8QWXR9PyVEi5/3njDMGuI6wHjmn8cbNTCMZGyGJ4Dgk=
last-modified: Mon, 19 Jun 2023 12:38:59 GMT
server: cloudflare
etag: "8a4275d45bffa54fdd01152addd8e677"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e1918ac9fed5c92-FRA
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires: Wed, 05 Jul 2023 17:30:29 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1021215/log/3/ 0
243 B 16ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1021215/log/3/unip?en=pre_d_eng_tb&tos=4664&scd=0&ssd=1&est=1688491825982&ver=36&isls=true&src=i&invt=3000&msa=90993&rv=1&tim=1688491830646&vi=1688491825980&ri=d17da66cb1c3d2f809f7e11736804bdd&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fnotfries.com%2Ftrending%2Fcelebrities-changing-looks-syn%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1021215/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notfries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://notfries.com
pragma: no-cache
date: Tue, 04 Jul 2023 17:30:30 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lu9xve2c97l898gjjxv4.notfries.com
URL: https://lu9xve2c97l898gjjxv4.notfries.com/?format=json&referrer=&&sub19=undefined&sub20=undefined

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.notfries.com/	1970-01-20 15:11:07	Name: _gcl_au Value: 1.1.351102440.1688491826
.notfries.com/	1970-01-20 22:37:31	Name: _ga_1JZ77SVV6L Value: GS1.1.1688491826.1.0.1688491826.0.0.0
.notfries.com/	1970-01-20 22:37:31	Name: _ga Value: GA1.1.1678130367.1688491826
notfries.com/	1970-01-20 13:44:43	Name: udmsrc Value: %7B%7D
notfries.com/	1970-01-20 13:01:32	Name: outbrain_cid_fetch Value: true
.notfries.com/	1970-01-20 21:47:07	Name: FCNEC Value: %5B%5B%22AKsRol9dyfhe9RWYkz0xoefeBDp46-1aabxNv-PwL68Q6S89-Miu6LFS1tVylwroWcFJqFxXb_J87APcDwywqzH2d1_6EsvwEbW6g0WjbYsYNLR6_RLyAdXDBmTcd3vGg1aQNWVLY7X3eEx3308r3cT9VGn-uiaU7Q%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22281%22%5D%5D%5D
.doubleclick.net/	1970-01-20 22:23:07	Name: IDE Value: AHWqTUlcM0wBBmc1g3pHZM9NH7AuAzwr51qf5UcVc54yPANZdIY3WfZO4mhCou14

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://notfries.com/trending/celebrities-changing-looks-syn/ Message: Access to XMLHttpRequest at 'https://lu9xve2c97l898gjjxv4.notfries.com/?format=json&referrer=&&sub19=undefined&sub20=undefined' from origin 'https://notfries.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lu9xve2c97l898gjjxv4.notfries.com/?format=json&referrer=&&sub19=undefined&sub20=undefined Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://wave.outbrain.com/mtWavesBundler/handler/00469fd161adcdd7d7ad24a541e5cfd5a7 Message: Failed to load resource: the server responded with a status of 504 (Gateway Time-out)
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1021215/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1021215/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
audit-tcfv2.cmp.quantcast.com
bcp.crwdcntrl.net
bid.underdog.media
c.amazon-adsystem.com
cdn.id5-sync.com
cdn.taboola.com
cmp.quantcast.com
d1upt0rqzff34l.cloudfront.net
d2dfm87p04h1zk.cloudfront.net
d2zayfmz8ahvp7.cloudfront.net
d3lqr6uy4evi9q.cloudfront.net
dz3kk72128dko.cloudfront.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gtrack.kueezrtb.com
gum.criteo.com
lu9xve2c97l898gjjxv4.notfries.com
notfries.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
region1.google-analytics.com
s.yimg.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.kueezrtb.com
static.vidazoo.com
tags.crwdcntrl.net
test.cmp.quantcast.com
tr.outbrain.com
track.kueezrtb.com
trc-events.taboola.com
trc.taboola.com
u.kueezrtb.com
wave.outbrain.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
lu9xve2c97l898gjjxv4.notfries.com
108.139.243.8
13.224.192.181
141.226.228.48
143.204.231.3
151.101.1.44
18.196.78.23
2001:4860:4802:34::36
23.32.185.60
23.57.19.78
2600:9000:2113:7a00:1c:615b:f80:93a1
2600:9000:2117:5200:1f:4e6f:2e00:21
2600:9000:2171:6200:9:46dc:4700:93a1
2600:9000:2171:f200:9:46dc:4700:93a1
2600:9000:218c:2400:1e:9fbe:1400:93a1
2600:9000:2304:0:19:4475:2ec0:93a1
2600:9000:248c:d600:5:c4ab:c3c0:93a1
2600:9000:25e9:b200:3:a4cd:8380:93a1
2606:4700:10::ac43:15e8
2606:4700:10::ac43:266a
2606:4700:4400::6812:2bda
2a00:1288:80:807::2
2a00:1450:4001:80f::2008
2a00:1450:4001:812::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a02:2638:3::c
2a03:2880:f176:181:face:b00c:0:25de
37.48.87.182
52.222.196.226
54.246.206.91
70.42.32.255
034857c45b2029ce126e713cbc019daa662281d7103d623c07bbf20795db8913
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
10c39b67ec506bf07df99ea82dc06bca091441bb675259bcec8078c43da81933
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
215f7430f19f827a59a6fa59221a2df0b028268fb0c398375160c6724ec6bbb4
217545ad1d00b52ba4809b436ad6a3424797c1e7617812c2a87c82eaf572b44c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30f11350f1ef2647417b79f8eea78defdedfb96420ab0074ce3176d81d88a150
3106baafe101b370a674e071effdfc6de0948f5bec120d66ffac5e2f3c5f8c6b
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
3989470f8a9009cc5c431d46748957c133e89e6ad01388cb4ed0346326288f6b
3b88959d7dc34cc1341974836013047cc9ca5b66d6260d2eb2976b88e242ebf2
3c07236b291a66fde5d434056c6f202a8229839a7f6c67362f57bef29e3938c1
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45a6e2f90c6ca7ca372119346896d189825b2c032e7f34688d5ae1503146857d
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b8f2b177e73f0072f1c899e85882e5b8b72c4bfdec8e1d9d431b163079dc8d7
4ef411999ee1c3ae72b6344500f55c6b9781869376887ca3c30179630f354688
5015c70a1d0b9d48736fc17a65a3b86e06613363e5ebf754705e066a660b2a2a
563b6254e69fb2c284e3bf69178bb83324b83d0acee3bbac4a7d35b931bbe08d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6190d86c4303ef10ef87ab4507ce1ccbeef00f74f143c689b9be8e39a77585c5
62fddefd59db7b7d2821b09bddcfd653013b67e1ae0a88cfa2b8016749de7888
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
713c1febf6652315a352173ca5d8b84c2360a8581de2b966edb09c2cb92c48f8
7187f26be6c5864e26711959336657253723f5a93b292a96e2286cbe944de74f
74d8f47dc939708f670840e55d9c6df7e6740004a479fbab8d5287a45360ad91
85e6f2b9be0e6604fb6e4a6e9782232f1191b780ed305630ae0e540b7514885f
8a267b966a6b2802387a00f112cfd43f90c860c389c025b513d2420cd15af530
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8ca4570c433c15920d3ccc9b8143d09c59987df5ab1e83217388bf2037f52d27
8e01ea08ee3dc37382d7fa9f53f434ef2bd4ccf9925123076f115e1871faa97f
9430f4fc80ec3d3c487478e5fd9636b84df6c5822ec593ea7954dc9d524a3786
97b65c1796c217dc5f777d2df480ac5c3eb0701c98e9233e9ff1ef5171f6c08c
9fcbbba4ebb561fea43f9a465b6e3aafbd5a50a1e51a7e8814dfe03eddb90f3d
a2af829cf137a36f0f8c8cb211a670fbc318b5ab7558129c180108c372f6a67a
a640f2ca97021053e13798a973e1ad440d808bb7ef0084001e17d251131c48e1
aa8bd32342b76da9f3ee296fa3f2ef4a8945997a532de65a027cc4b20d5be89f
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd705474a5d0af5981c8f54ba49ab48d1774a67b29064df01df62acc3b2650a7
bffc974e244cf80e307eeebd9c606ab60e323323982ba5f039785321cb55508b
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c53e217c5ad3d2e55fb70f3c3c279c5e1eb9e32f8331a0d4720bfb214ee55bc8
c7a96024f43ca102145bf145c7aec3b46bd7822a9e78c7e7d09cdd635e2176d1
ca0faf9b67d90392fc162a99240cc03d7b92ad4146ec2c8aad5aed47174f8a73
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133
d4422d3c98e3106dc6516de0f1c02ba5a73ac3f3cee4ed95a3de65a7a1bdd1cb
d46a65f8c7e226146dbfe52215ef072fec99d7b17129fd45e926204651a82815
db491bce8ac28ec9c242ec4d1d08ac33324cd57973ed109f7382a6d7c289d16c
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dd5c90d54de0336f121cb7c663a1b1090a55fb8ad3c1179d664923a808713aa2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea72f637a3dd70370eb8585edf0376e3e22ccf662c13b50face5a866ca815de9
eb30d640ae451dd7c92bcc97dc05c596cb5d5962fabdc702493ddd44994c9d51
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

notfries.com Open in urlscan Pro 143.204.231.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

99 %HTTPS

64 %IPv6

22 Domains

39 Subdomains

34 IPs

6 Countries

2012 kBTransfer

6489 kBSize

7 Cookies

2 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

notfries.com Open in urlscan Pro
143.204.231.3 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

99 %
HTTPS

64 %
IPv6

22
Domains

39
Subdomains

34
IPs

6
Countries

2012 kB
Transfer

6489 kB
Size

7
Cookies

80 HTTP transactions
1 data transactions