www.tfo.org Open in urlscan Pro
52.72.252.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tfo.org/
Effective URL:
https://www.tfo.org/
Submission Tags: tranco_l324
Submission: On November 22 via api (November 22nd 2021, 8:55:28 am UTC) from DE — Scanned from DE

Summary HTTP 110 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 30 domains to perform 110 HTTP transactions. The main IP is 52.72.252.63, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.tfo.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 1st 2021. Valid for: a year.

This is the only time www.tfo.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 38	52.72.252.63 52.72.252.63	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
9	52.217.67.14 52.217.67.14	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 3	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.127 143.204.98.127	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::ac43:91b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.207.30.122 52.207.30.122	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	3.127.165.70 3.127.165.70	16509 (AMAZON-02) (AMAZON-02)
5	143.204.98.10 143.204.98.10	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
4 6	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	52.4.52.166 52.4.52.166	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
110	36

38 52.72.252.63 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-252-63.compute-1.amazonaws.com

tfo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tfo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.217.67.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

10349983.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net

cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b0 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.30.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-30-122.compute-1.amazonaws.com

adserve.atedra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.165.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-165-70.eu-central-1.compute.amazonaws.com

6083140.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-10.fra50.r.cloudfront.net

code.adstanding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infolettres.groupemediatfo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.198.69.109 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

mydmp.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.52.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-52-166.compute-1.amazonaws.com

onsite-tag-logs.apps.nielsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.216 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	tfo.org 2 redirects tfo.org www.tfo.org	2 MB
9	exelator.com 4 redirects cdn.exelator.com mydmp.exelator.com loadm.exelator.com load77.exelator.com	16 KB
9	amazonaws.com s3.amazonaws.com	548 KB
8	google.com apis.google.com www.google.com adservice.google.com accounts.google.com	58 KB
7	doubleclick.net 2 redirects 10349983.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
5	adstanding.com code.adstanding.com	48 KB
5	facebook.com www.facebook.com	416 B
5	facebook.net connect.facebook.net	284 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	215 KB
4	addthis.com s7.addthis.com m.addthis.com	143 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	936 B
2	pardot.com pi.pardot.com	4 KB
2	google.de www.google.de	565 B
2	atedra.com adserve.atedra.com	3 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	16 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	groupemediatfo.org infolettres.groupemediatfo.org	1 KB
1	twitter.com analytics.twitter.com	597 B
1	teads.tv 1 redirects sync.teads.tv	214 B
1	nielsen.com onsite-tag-logs.apps.nielsen.com	264 B
1	siteimproveanalytics.io 6083140.global.siteimproveanalytics.io	225 B
1	addthisedge.com v1.addthisedge.com	325 B
1	crazyegg.com script.crazyegg.com
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
1	googleadservices.com www.googleadservices.com	18 KB
110	30

	Domain	Requested by
37	www.tfo.org	1 redirects www.tfo.org
9	s3.amazonaws.com	www.tfo.org
5	code.adstanding.com	adserve.atedra.com code.adstanding.com
5	www.facebook.com	www.tfo.org connect.facebook.net
5	connect.facebook.net	www.tfo.org connect.facebook.net
4	loadm.exelator.com	3 redirects
3	sb.scorecardresearch.com	1 redirects www.tfo.org
3	10349983.fls.doubleclick.net	1 redirects www.googletagmanager.com www.tfo.org
3	www.google.com	www.tfo.org
3	s7.addthis.com	www.tfo.org s7.addthis.com
2	ib.adnxs.com	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	match.adsrvr.org	2 redirects
2	load77.exelator.com
2	mydmp.exelator.com	1 redirects
2	pi.pardot.com	www.tfo.org pi.pardot.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	www.google.de	www.tfo.org
2	adserve.atedra.com	www.googletagmanager.com code.adstanding.com
2	cdn.mouseflow.com	1 redirects www.tfo.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.tfo.org
2	apis.google.com	www.tfo.org apis.google.com
1	infolettres.groupemediatfo.org	pi.pardot.com
1	analytics.twitter.com
1	sync.teads.tv	1 redirects
1	onsite-tag-logs.apps.nielsen.com	cdn.exelator.com
1	ssl.gstatic.com	accounts.google.com
1	6083140.global.siteimproveanalytics.io	www.tfo.org
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	adservice.google.com	10349983.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.crazyegg.com	www.tfo.org
1	siteimproveanalytics.com	www.tfo.org
1	cdn.exelator.com	www.tfo.org
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	www.tfo.org
1	www.googleadservices.com	www.tfo.org
1	www.gstatic.com	www.google.com
1	tfo.org	1 redirects
110	43

This site contains links to these domains. Also see Links.

Domain
www.idello.org
groupemediatfo.org
play.google.com
apps.apple.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
tfo.org Sectigo RSA Domain Validation Secure Server CA	`2021-02-01` - `2022-02-26`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-31` - `2021-11-29`	3 months	crt.sh
cdn.exelator.com Amazon	`2021-01-10` - `2022-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
atedra.com Amazon	`2021-01-21` - `2022-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2021-11-11` - `2022-12-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
onsite-tag-logs.apps.nielsen.com Amazon	`2021-06-08` - `2022-07-07`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
infolettres.groupemediatfo.org R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.tfo.org/
Frame ID: E423F9F6903F35C150EA73986BBC006E
Requests: 101 HTTP requests in this frame

Frame: https://10349983.fls.doubleclick.net/activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F
Frame ID: 55B3D00B0A2566A3164661B9991E4A80
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F52299E608E03AE642F52A5B46E36093
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7B695DF0C841FF46051D8BB40657ABAF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9DA1AAE1E6A30E1B13EED803A0EEB735
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 566D28EFD5570E11CD6A132029ADE9BC
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 450A80202266FBF9037CAE0DC7FA8DDD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TFO – vidéos pour enfants, chansons et jeux, films et séries

Page URL History Show full URLs

http://tfo.org/ HTTP 301
http://www.tfo.org/ HTTP 301
https://www.tfo.org/ Page URL

Page Statistics

110
Requests

93 %
HTTPS

47 %
IPv6

30
Domains

43
Subdomains

36
IPs

4
Countries

3815 kB
Transfer

7170 kB
Size

32
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.idello.org/fr
Title: Découvrez IDÉLLO

Search URL Search Domain Scan URL

URL: https://groupemediatfo.org/a-propos
Title: À propos de nous

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.tfo.tfovideos
Title: Téléchargez l'application de TFO sur Google Play - Ce lien s'ouvrira dans une nouvelle fenêtre

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/tfo-videos/id1094853425
Title: Téléchargez l'application de TFO sur Apple Store - Ce lien s'ouvrira dans une nouvelle fenêtre

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TFOCanada
Title: Visiter la page Facebook de TFO - Ce lien s'ouvrira dans une nouvelle fenêtre

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TFOCanada
Title: Visiter la page YouTube de TFO - Ce lien s'ouvrira dans une nouvelle fenêtre

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tfo.org/ HTTP 301
http://www.tfo.org/ HTTP 301
https://www.tfo.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://10349983.fls.doubleclick.net/activityi;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F HTTP 302
https://10349983.fls.doubleclick.net/activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F

Request Chain 43

https://cdn.mouseflow.com/projects/7a54914a-16c6-4c2a-b5dc-85543a8f65ae.js HTTP 301
https://cdn.mouseflow.com/projects/7a54914a-16c6-4c2a-b5dc-85543a8f65ae_eu.js

Request Chain 52

https://sb.scorecardresearch.com/b?c1=2&c2=18996171&ns__t=1637571315905&ns_c=UTF-8&cv=3.5&c8=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&c7=https%3A%2F%2Fwww.tfo.org%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=18996171&ns__t=1637571315905&ns_c=UTF-8&cv=3.5&c8=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&c7=https%3A%2F%2Fwww.tfo.org%2F&c9=

Request Chain 99

https://mydmp.exelator.com/on-site-tag-load/?p=1269&g=1&j=d HTTP 307
https://mydmp.exelator.com/on-site-tag-load/?p=1269&g=1&j=d&xl8blockcheck=1

Request Chain 102

https://sync.teads.tv/ex/sync?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=e4ed494cdccb29c171859b378a7b4609ced3f172 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 103

https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&ttd_tpi=1& HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=exelate&ttd_tpi=1& HTTP 302
https://loadm.exelator.com/load/?p=204&g=460&buid=58ad6385-ee5a-4eb8-9ae5-b512a7427d5d&j=0 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_hm=ZWE2OWQ4NzMzZGI5Yjc2NWIyNTU1MjBhNzIwMTk2ZDM& HTTP 302
https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEJ-M9fYKywb_DUW7YActp6U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=ZWE2OWQ4NzMzZGI5Yjc2NWIyNTU1MjBhNzIwMTk2ZDM&

Request Chain 105

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Floadm.exelator.com%2Fload%2F%3Fp%3D204%26g%3D013%26bi%3D%24UID%26j%3D0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=013&bi=2368570951694875968&j=0

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tfo.org/
Redirect Chain

http://tfo.org/
http://www.tfo.org/
https://www.tfo.org/

36 KB
8 KB

344ms
135ms

Document
text/html

52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 68e75f3bb8632144f5e3a8e065b61a93e4eb03e116cab82207ab3eea80e84e80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-type: text/html
server: nginx
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-tfo-version: 1.2.38
content-encoding: gzip

Redirect headers

Date: Mon, 22 Nov 2021 08:55:14 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: https://www.tfo.org/

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 54ms
31ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=onLoadCallback

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72a38c81694257079551b18f00857651975d836c3da0cb774ff7733603d7ec86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ub//aAhlPxfZ7IUP2Qufjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "590897aef7978b556ccb3b570bc0771b"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Ub//aAhlPxfZ7IUP2Qufjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 tfo-css.css
www.tfo.org/cache/fr/ 301 KB
37 KB 203ms
203ms Stylesheet
text/css 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5f48f77baf80d92024dcaa090069c00709b5a7ae469ea678716fc68cf7336f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 tfo-react-css.css
www.tfo.org/cache/fr/ 42 KB
5 KB 115ms
114ms Stylesheet
text/css 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 17438dfdd93697f1fac8ed49976a8e4161933c89eb32fde545a00a67159eed4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 tfo-app-js.js Show response
www.tfo.org/cache/fr/ 16 KB
5 KB 103ms
102ms Script
application/x-javascript 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/cache/fr/tfo-app-js.js?v=1.2.38
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5d0719af5d85776203e03dc7d0b0d26005c01cd7b493670bbfd8d6dee32084ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 19:10:00 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 83ms
32ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Mon, 22 Nov 2021 08:55:15 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
969 B 39ms
16ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f9c88c9549056858c05d8774daf576b90a947629e536c1975fd97e2e5b2c879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 08:11:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 08:55:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
643 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300,700

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 08:49:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 08:55:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tfo.org/
Origin: https://www.tfo.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 22 Nov 2022 08:51:39 GMT

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/fghl86ifvk3n4/ 78 KB
78 KB 463ms
164ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/fghl86ifvk3n4/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7debb75ac791f55ac1b7251e72951d88d773bcc6d6f4ea7786d14c9313078169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Wed, 08 Apr 2020 15:25:13 GMT
Server: AmazonS3
x-amz-request-id: X4NZGVS36N1T5H34
ETag: "bd425acaaf93aa78c8f72b8b64307e71"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 79642
x-amz-id-2: UlFZIZ4MxIHnTIj4CLl3FIbyHnlgQHJ4/VX/P77kQ79FNwY4f/i5UqddUC4lqLxVQq+Yl6y5f9w=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/xezwikbr1er86/ 24 KB
24 KB 419ms
121ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/xezwikbr1er86/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c66c6f28739b8b7de0e0cead39e6b62bb2b5c1887524e0d6b455f46aa3d86bc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Thu, 16 Apr 2020 21:51:46 GMT
Server: AmazonS3
x-amz-request-id: X4NHX71K0BTZCZFT
ETag: "6cf27e793e4fa95f68e6c0c876234881"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 24498
x-amz-id-2: 5mVgetmjwYdZrnuQUbRXA9iyBC0BNBodRc7297XW3HW02JnMpcbUXMsS77+GOCOp0I7RFzCM9uc=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/lwpkvn8fbjj2l/ 105 KB
106 KB 845ms
547ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/lwpkvn8fbjj2l/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dc523e4d55abdb3eec801d8b6c8852d9d4aef8981ef354fc33679c7d57606268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Thu, 09 Apr 2020 14:13:50 GMT
Server: AmazonS3
x-amz-request-id: X4NS4ECGGNJ8X0FD
ETag: "90a3039ec314403a67466104f5230071"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 107970
x-amz-id-2: jJ6VsgOZF/+4kOKPfDWWTOapMVtu9MRFqp9+Ly9pKQPTCoP+qxQNl1p2h11NliVYbxarQgrFWl8=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/i0h4bwuoxtnix/ 14 KB
14 KB 428ms
115ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/i0h4bwuoxtnix/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b85d4faa9763a7d2c64bfe03f6e2c8a93c3da77cb5ab773eca17aae677febf66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Thu, 09 Feb 2017 19:54:40 GMT
Server: AmazonS3
x-amz-request-id: X4NG83NC08ZV3N09
ETag: "36f05535834a176a46206a6f350ec57d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 14353
x-amz-id-2: RdKqvYXyffmgu/BhyjrBMlexw6fnbAswP3fx4OA8ala0NDd/H3kkQNFm3jRH8nIg13n9oHz0ITc=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/f0sa4ay79puxy/ 45 KB
46 KB 539ms
110ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/f0sa4ay79puxy/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b112575fe3a60de423350c134a156bb07d352b88167b3f5990fc1e4843bfd42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Wed, 08 Apr 2020 18:46:54 GMT
Server: AmazonS3
x-amz-request-id: X4NN94A3Z41PK6SE
ETag: "d4fd96728d58cb2ce5d843d5365cfe31"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 46431
x-amz-id-2: Lvyd1Oj3A/MwtN0f02LenRZUMrM9vhe8JBBG5QakOsEE9l4OLAARlXdd9cqfc+jWpBPlaNkXfkY=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/yq8burccjcfj4/ 28 KB
28 KB 627ms
111ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/yq8burccjcfj4/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 83479d5c116700383533b6a043587f2f955a2720e2b2b762a3bdb32ea32f715c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Thu, 16 Apr 2020 19:05:06 GMT
Server: AmazonS3
x-amz-request-id: X4NT7G8CBJVJ8GQK
ETag: "be872088ce9fe934b06353985889c7fc"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 28226
x-amz-id-2: ux21kJuUAmxDAt58T2UvpKpywLupmIu1lMSp55ghMJEZDIA0X/Mi+kcvd0J5CsduNqEVh8r84Ts=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/7b6qni8cgolyv/ 87 KB
87 KB 427ms
155ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/7b6qni8cgolyv/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 92a262eb84f12ef7a291a552222614183004e4b2f85eff88a4779a8bba340ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Thu, 09 Apr 2020 17:18:02 GMT
Server: AmazonS3
x-amz-request-id: X4NTZE922XK6GEH5
ETag: "07585e391dcf92c2b0019b71114f202b"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 88627
x-amz-id-2: Aiqc1pmbpWq/iRfilPyi98u1OcaQjHzUZ6BhCcNW9V7f3IRnVO9+/clt3ypNRgI9ocyK9x7mI8E=

GET
H/1.1 200
OK 408X230.jpg
s3.amazonaws.com/heap-media.tfo.org/vwechpg6ozj2j/ 89 KB
89 KB 421ms
150ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/vwechpg6ozj2j/408X230.jpg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70fbf9692a9a82503e6c78401ad3001cfbaee1b14315504ffce9bbe690d801c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Thu, 09 Feb 2017 07:15:34 GMT
Server: AmazonS3
x-amz-request-id: X4NPFGW4WSRG2T9Z
ETag: "8790a2f233d6b522188e5b76e9308462"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 90830
x-amz-id-2: vRd1wC2IDJ+PyGCLr+zY+67//DBi3go23RXEWBWqgMBFh7X2MDgKJ8Oge/EKuzB+UgbgCWTOdHw=

GET
H/1.1 200
OK source.png
s3.amazonaws.com/heap-media.tfo.org/swp4fzh5cq8rv/ 75 KB
75 KB 129ms
128ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/heap-media.tfo.org/swp4fzh5cq8rv/source.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9a929ca0cc4712498fd145f7f260dcd088ebbca199942952651bc6306999bbec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Last-Modified: Fri, 21 Aug 2020 17:25:14 GMT
Server: AmazonS3
x-amz-request-id: X4NKJ60RQ3D8VKPP
ETag: "5b9fce55b52aab4338d0c404977e4295"
Content-Type: image/png
Cache-Control: max-age=604800
Content-Disposition: inline; filename="Cta1.png"
Accept-Ranges: bytes
Content-Length: 76605
x-amz-id-2: vj0SD5rbVFoZtqwbVUUIsqVTg3xXufpFW6BcGtPUFQbGNzQvHVQmE/PxWDSNznNTpe32IPQ9khY=

GET
H2 200 tfo-gray.svg
www.tfo.org/tfo/static/assets/logo/ 472 B
622 B 102ms
101ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/tfo-gray.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 92575a5287c596360a2b66825a4bf26167bf823cd2618f3f7f939fa95c56d03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1d8"
content-length: 472
content-type: image/svg+xml

GET
H2 200 tfo-js.js Show response
www.tfo.org/cache/fr/ 113 KB
38 KB 108ms
105ms Script
application/x-javascript 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/cache/fr/tfo-js.js?v=1.2.38
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e6f06e68516bac47a446c6297893240e734bdfe72eac22db881f2c3096207ddf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 19:10:15 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 tfo-react-js.js Show response
www.tfo.org/cache/fr/ 640 KB
193 KB 107ms
104ms Script
application/x-javascript 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/cache/fr/tfo-react-js.js?v=1.2.38
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5ad47f0b97b219139ac1c39515606fbd6dc44ac79a2849d47d9457ea0dcf61a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 19:10:16 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 tfo-main.js Show response
www.tfo.org/tfo/static/js/ 991 KB
185 KB 208ms
205ms Script
application/x-javascript 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/tfo/static/js/tfo-main.js?v=1.2.38
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 637b8412c83c240facd9a30062ecdc9c1e8cb66e0f7ead96f372f98dfb5770ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 16:40:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 54ms
31ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

4112275fe878d4b037316a449f7516817d3c7da7839eb532b81c80b309b36df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17627
x-xss-protection: 0
server: cafe
etag: 16294007831590153160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 55ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VTKG8

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

208a5f0035cb0710fa4b7932334162179b52c889175eb183ca61cb116d616244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54021
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 mini-white.svg
www.tfo.org/tfo/static/assets/logo/ 7 KB
7 KB 197ms
197ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/mini-white.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c7db04ec3e9ef843d395f18f458eca9321a106396aba65cf30c38a3ae223b32e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1aab"
content-length: 6827
content-type: image/svg+xml

GET
H2 200 shadow.png
www.tfo.org/tfo/static/images/global/ 292 B
506 B 101ms
101ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/images/global/shadow.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 21d79e25e330e4fc40b8b01864abb82f7ee0498331bf34a7a344019a0d082007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Wed, 20 May 2020 20:02:39 GMT
server: nginx
etag: "5ec58cdf-124"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 292
expires: Mon, 29 Nov 2021 08:55:15 GMT

GET
H2 200 play.svg
www.tfo.org/tfo/static/assets/icons/ 270 B
419 B 198ms
197ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/play.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2472a1dbe7add75e3b0194069c511d129819cb31d1f4f61406c471b13e70e9ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-10e"
content-length: 270
content-type: image/svg+xml

GET
H2 200 play-hover.svg
www.tfo.org/tfo/static/assets/icons/ 188 B
337 B 200ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/play-hover.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 749ab12ee2832124f50e8d4e605bfe0beecfaa47958f9be7ac252f321647b853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-bc"
content-length: 188
content-type: image/svg+xml

GET
H2 200 flip-white.svg
www.tfo.org/tfo/static/assets/logo/ 5 KB
5 KB 200ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/flip-white.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7166c3938cadaaac79131b889a7ece70cc193f4ed20294516192b0b3f3e681cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-12de"
content-length: 4830
content-type: image/svg+xml

GET
H2 200 plus-white.svg
www.tfo.org/tfo/static/assets/logo/ 6 KB
6 KB 199ms
198ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/plus-white.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5241ed1713c1c60805016375ea8e00f8a5bbccdfb177b731040c8ee46706a528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-17a9"
content-length: 6057
content-type: image/svg+xml

GET
H2 200 newsletter.png
www.tfo.org/tfo/static/assets/images/ 190 KB
190 KB 199ms
199ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/images/newsletter.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ecf91b629666b295cbc9f1b7f5689a9c82c61863dfc76da92fd7edeab0f5f255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
etag: "5f43a1d4-2f766"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 194406
expires: Mon, 29 Nov 2021 08:55:15 GMT

GET
H2 200 icon-chevron-purple.svg
www.tfo.org/tfo/static/assets/icons/ 200 B
349 B 200ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/icon-chevron-purple.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 442d6fa62d9f10b2b01f1b70c22d704872156d47cf951df16b6d41faf9352401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-c8"
content-length: 200
content-type: image/svg+xml

GET
H2 200 android.svg
www.tfo.org/tfo/static/assets/icons/ 5 KB
6 KB 200ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/android.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c92f2b5cf5852e5997c60f5ce8cae4d044949e50578977b50f4397f93113345d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1578"
content-length: 5496
content-type: image/svg+xml

GET
H2 200 apple.svg
www.tfo.org/tfo/static/assets/icons/ 2 KB
2 KB 200ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/apple.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bea1ca796c37d7451a6bb3538841b70ae5c94604b8bb90c3271b0fe0b5b90062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-876"
content-length: 2166
content-type: image/svg+xml

GET
H2 200 facebook-purple.svg
www.tfo.org/tfo/static/assets/icons/social/ 2 KB
2 KB 200ms
199ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/social/facebook-purple.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b2f17a9fe998f0c813c8c2f771a5a94e79f1df0eded171b61be917fa04ce5749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-67c"
content-length: 1660
content-type: image/svg+xml

GET
H2 200 youtube-purple.svg
www.tfo.org/tfo/static/assets/icons/social/ 7 KB
7 KB 200ms
199ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/social/youtube-purple.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fb5bc358e9145b692f3b4e3552aab4d91a37fb32ef1f62b8c820431176f9a65d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1bfb"
content-length: 7163
content-type: image/svg+xml

GET
H2 200 back-to-top.png
www.tfo.org/tfo/static/images/global/ 331 B
545 B 200ms
200ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/images/global/back-to-top.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 25510a7fd934a580116ebf8bbf2e05b86986eb8cdabf383c58b488d51f7b400c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Wed, 20 May 2020 20:02:55 GMT
server: nginx
etag: "5ec58cef-14b"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 331
expires: Mon, 29 Nov 2021 08:55:15 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 33ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tfo.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 07:59:11 GMT
x-content-type-options: nosniff
age: 521764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 07:59:11 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tfo.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 243433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:18:02 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 55ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59144
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VTKG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6848
date: Mon, 22 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 09:01:07 GMT

GET
H3

200

activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F Show response
10349983.fls.doubleclick.net/ Frame 55B3
Redirect Chain

https://10349983.fls.doubleclick.net/activityi;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F?
https://10349983.fls.doubleclick.net/activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F...

393 B
355 B

44ms
25ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10349983.fls.doubleclick.net/activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VTKG8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ecdc9cf0f73212943abd1775902ee280574aa7fd60932a425b979981db43f694

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 08:55:15 GMT
expires: Mon, 22 Nov 2021 08:55:15 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 08:55:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10349983.fls.doubleclick.net/activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 28ms
10ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:24:30 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 100317
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7vv3zJnk6knM_rBoIEwWyaSRr4XUAh6F3iAW4wKAD2Ushm8JCORGtA==

GET
H2

200

7a54914a-16c6-4c2a-b5dc-85543a8f65ae_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/7a54914a-16c6-4c2a-b5dc-85543a8f65ae.js
https://cdn.mouseflow.com/projects/7a54914a-16c6-4c2a-b5dc-85543a8f65ae_eu.js

52 KB
16 KB

11ms
11ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/7a54914a-16c6-4c2a-b5dc-85543a8f65ae_eu.js
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c6d4dd282d851c4f1ee12249e8c7dc0fca32cba8c04ab6ec4dcb9d0a338fdc08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
last-modified: Sun, 14 Nov 2021 08:15:28 GMT
server: NetDNA-cache/2.2
etag: W/"15f3b7c82fd9d71:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/7a54914a-16c6-4c2a-b5dc-85543a8f65ae_eu.js
date: Mon, 22 Nov 2021 08:55:15 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: U67ouHe/LiTGQnVwPPCzSBmUVPD9v/Sm0P/9QqfDqvfLQ9FGfA1lzscjc+EjWCsdhXji0plX3WedHaiqdplJcw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 08:55:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 21 KB
8 KB 37ms
19ms Script
application/javascript 143.204.98.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-127.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: zJnj9IdW5bQWUqea2aMpKS.72qNKKrMo
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 06:40:58 GMT
server: AmazonS3
age: 17132
etag: W/"ca34304b059a43ff8e7d8cd71f2c58c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
date: Mon, 22 Nov 2021 04:29:16 GMT
x-amz-cf-pop: FRA50-C1
x-amz-request-id: 6CJG0PB9Z6P1KYSD
x-amz-cf-id: xMOky_t8sbPfc78tO0cCoRtfoEz3_folqgIRUcRiDXNBcMIN5btqeQ==
x-amz-id-2: 3HFV9mORP+zurU936UwUTkjgIiC0IkXUJD2iUhZRkdjy5wjG2Oi93CZwV/QEPHP7DXnKMUPH9vg=

GET
H2 200 siteanalyze_6083140.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 39ms
13ms Script
application/javascript 2606:4700:3031::ac43:91b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6083140.js
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d838ed416818175d568fd1591a3dc52d4ed6d020171544485cb63f6929ce000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2887
cf-ray: 6b20f0144c3a699f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8275
x-amz-id-2: GZ7SEq4hf+a9KfBLuPLSDar+hZ9lsGhBwL2YPpIrOgH8l6LCjZn0a4LjPkumpRjTw/j/CI2Tm2A=
last-modified: Tue, 22 Jun 2021 14:37:50 GMT
server: cloudflare
etag: "e2289d7d7f298e2cfc17e57190aa8181"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA29sLu1379wSVV%2FL98fDQG%2B8EDUD6LPXLpWvqaieD9ERjoSSYEhYBJnzwioabtUkHsunGjMnzf5tcAJD3yO%2Fa1pR%2FlFtq%2FSTSjMLQ83Jhwus8EEg7OgvKgDJmZdROiMaNCT4R5GDGCjly4pFRXbaGbzNnTBKmQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 5X8GWJR6S1XFQG5A
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 serve.php Show response
adserve.atedra.com/ 4 KB
1 KB 342ms
112ms Script
text/javascript 52.207.30.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adserve.atedra.com/serve.php?z=10958
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VTKG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.30.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-30-122.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 85881ebdb0a175c71ec459c6930c7e60865b13e80a42a146d20c2f3d1884d19b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
cache-control: max-age=3600
content-type: text/javascript;charset=UTF-8
server: Apache
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 22 Nov 2021 09:55:16 +0000

GET
H2 200 activityi;register_conversion=1;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F
10349983.fls.doubleclick.net/ 0
0 60ms
14ms Image
text/html 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10349983.fls.doubleclick.net/activityi;register_conversion=1;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F?
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 410 9383.js
script.crazyegg.com/pages/scripts/0031/ 0
0 34ms
18ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/9383.js?454880
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
cf-cache-status: HIT
last-modified: Sun, 21 Nov 2021 19:44:35 GMT
server: cloudflare
age: 47440
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6b20f0144b8d4e9e-FRA
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2003823079&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tfo.org%2F&ul=en-us&de=UTF-8&dt=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=380513570&gjid=403737587&cid=2052801506.1637571316&tid=UA-67499871-1&_gid=2127460528.1637571316&_r=1&gtm=2wgba15VTKG8&z=1006828876

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tfo.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tfo.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1508470986122848 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1508470986122848?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

401f8ed0d4a03acff7b86bafdc359c0da5188719626c8ed1ed1eed0038d5d14f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88827
x-xss-protection: 0
pragma: public
x-fb-debug: qvg/Z/2fd5mgT/nw5ZPQP8B3VjDkdJknenmxrq/OR4Gt7xR6NwKjRbg395ua+Am+Os8M1i0jmwkmCObUMCpGIw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 08:55:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=18996171&ns__t=1637571315905&ns_c=UTF-8&cv=3.5&c8=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&c...
https://sb.scorecardresearch.com/b2?c1=2&c2=18996171&ns__t=1637571315905&ns_c=UTF-8&cv=3.5&c8=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&...

64 B
331 B

10ms
9ms

Image
image/gif

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=18996171&ns__t=1637571315905&ns_c=UTF-8&cv=3.5&c8=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&c7=https%3A%2F%2Fwww.tfo.org%2F&c9=
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 7tvfBMfT-yf5JXuLqR1IE6b-X1H6hgYa0huqVyATPjCWBNHOaIXSxQ==

Redirect headers

date: Mon, 22 Nov 2021 08:55:15 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=18996171&ns__t=1637571315905&ns_c=UTF-8&cv=3.5&c8=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&c7=https%3A%2F%2Fwww.tfo.org%2F&c9=
content-length: 254
x-amz-cf-id: XeSC6-Ovf87Cn15y9NjJbiiopsje5qGdeYT_YxgHtVF4DgB_F-SHow==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 52ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67499871-1&cid=2052801506.1637571316&jid=380513570&gjid=403737587&_gid=2127460528.1637571316&_u=YEBAAAAAAAAAAC~&z=1138962330

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tfo.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 08:55:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.tfo.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1605221339538233 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 13ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1605221339538233?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

527bb5f9b6d9198713a32f69098cef60b0b56e679aa4485b15724120ea76eea0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89226
x-xss-protection: 0
pragma: public
x-fb-debug: PXCyk4kNtNPKxVp0hdumTInvpHPqd4DZeNnk76eFegj96vUC6YsMsrRh5PGhaLHxXmVuRLzf5qur57ldPplMmw==
x-frame-options: DENY
date: Mon, 22 Nov 2021 08:55:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 25ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1508470986122848&ev=PageView&dl=https%3A%2F%2Fwww.tfo.org%2F&rl=&if=false&ts=1637571315933&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637571315931.820208453&it=1637571315901&coo=false&exp=p1&rqm=GET

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
33ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67499871-1&cid=2052801506.1637571316&jid=380513570&_u=YEBAAAAAAAAAAC~&z=106053051

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 53ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67499871-1&cid=2052801506.1637571316&jid=380513570&_u=YEBAAAAAAAAAAC~&z=106053051

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1605221339538233&ev=PageView&dl=https%3A%2F%2Fwww.tfo.org%2F&rl=&if=false&ts=1637571315969&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637571315931.820208453&it=1637571315901&coo=false&exp=p1&rqm=GET

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 22 Nov 2021 08:55:15 GMT

GET
H2 200 dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F
adservice.google.com/ddm/fls/z/ Frame 55B3 42 B
494 B 189ms
168ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F

Requested by

Host: 10349983.fls.doubleclick.net
URL: https://10349983.fls.doubleclick.net/activityi;dc_pre=CI6M0cTMq_QCFcPL1Qod-7EDww;src=10349983;type=rema90;cat=visit0;ord=1346390280538;gtm=2wgba1;auiddc=1145510301.1637571316;ps=1;~oref=https%3A%2F%2Fwww.tfo.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10349983.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b224e947554115ffe0cc97a0c5ad1a3d445d2310b94024c6c3019ce2bc7e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9RDc9fO6PIoZINVnG6QUrg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: WgOEvwgF1x2d1Ua/uHqKuoZ1inIp7tC3dDUbkrvPB1YgIm6C5OSSgBx7GwaWdcp4PsHI91nrcDT7eFA1catG9A==
x-fb-content-md5: 0dae5c9ce3acbb822466ce3dd0d4cc66
x-frame-options: DENY
date: Mon, 22 Nov 2021 08:55:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9deeb918d441090704da8ff7462bc3ba"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 22 Nov 2021 09:05:38 GMT

GET
H2 200 tfo-purple.svg
www.tfo.org/tfo/static/assets/logo/ 472 B
622 B 101ms
101ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/tfo-purple.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f8d822e6145555621bb955c95bf26cf4c75631cc2826e915a6b00abe3ec262f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1d8"
content-length: 472
content-type: image/svg+xml

GET
H2 200 chevron.svg
www.tfo.org/tfo/static/assets/icons/ 200 B
349 B 101ms
101ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/chevron.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 442d6fa62d9f10b2b01f1b70c22d704872156d47cf951df16b6d41faf9352401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-c8"
content-length: 200
content-type: image/svg+xml

GET
H2 200 search.svg
www.tfo.org/tfo/static/assets/icons/ 423 B
572 B 101ms
101ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/search.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 11aa76bf8d314693c65e18d0946d5a4b059e383b010161828028f4bc8066bef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1a7"
content-length: 423
content-type: image/svg+xml

GET
H2 200 desktop-mini.png
www.tfo.org/tfo/static/assets/slider/desktop/ 400 KB
401 KB 102ms
101ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/slider/desktop/desktop-mini.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c03a1fb42c50bf69ffa937ad7df66fcc1b1bfea628a3c7457d030e5d52f2530f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
etag: "5f43a1d4-64078"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 409720
expires: Mon, 29 Nov 2021 08:55:16 GMT

GET
H2 200 desktop-flip.png
www.tfo.org/tfo/static/assets/slider/desktop/ 446 KB
447 KB 102ms
101ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/slider/desktop/desktop-flip.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 696953d0bb0372f9eec65ca6a8f8390e7a5d73df0a2aeb29c44e934cf114f7fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
etag: "5f43a1d4-6f99a"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 457114
expires: Mon, 29 Nov 2021 08:55:16 GMT

GET
H2 200 desktop-plus.png
www.tfo.org/tfo/static/assets/slider/desktop/ 673 KB
674 KB 102ms
101ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/slider/desktop/desktop-plus.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 89f5036bc75faebd82de582288170b1ac2a7ea391b8e3cf65e53325bda265692

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
etag: "5f43a1d4-a83ff"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 689151
expires: Mon, 29 Nov 2021 08:55:16 GMT

GET
H2 200 desktop-idello.png
www.tfo.org/tfo/static/assets/slider/desktop/ 123 KB
123 KB 110ms
108ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/slider/desktop/desktop-idello.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bee094a0168e839078e719a45337032d9e69ad61dd210c9e300f9f8d98f509b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
etag: "5f43a1d4-1ec39"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 126009
expires: Mon, 29 Nov 2021 08:55:16 GMT

GET
H2 200 icon-pause.svg
www.tfo.org/tfo/static/assets/slider/ 273 B
422 B 111ms
109ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/slider/icon-pause.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4b8723ae9e4ef196951550ad05b4ad187007764a3b519bc4b4d352a4fc634367

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-111"
content-length: 273
content-type: image/svg+xml

GET
H2 200 mini-green.svg
www.tfo.org/tfo/static/assets/logo/ 6 KB
7 KB 112ms
111ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/mini-green.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 89447886a61ebd797564eafbfad1774659fa3bf3414c5500f2fb91c42fe4a8e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-1990"
content-length: 6544
content-type: image/svg+xml

GET
H2 200 flip-red.svg
www.tfo.org/tfo/static/assets/logo/ 4 KB
4 KB 113ms
112ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/flip-red.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c6fd124804f909d0e5c56910b8822711d6c67b5584d59714c2a689300d76d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-113a"
content-length: 4410
content-type: image/svg+xml

GET
H2 200 plus-gray.svg
www.tfo.org/tfo/static/assets/logo/ 6 KB
6 KB 202ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/plus-gray.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ce34b37175d2e485f280aae53d81592d8213a6777676961e94aaf2da29032b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-16b3"
content-length: 5811
content-type: image/svg+xml

GET
H2 200 idello-blue.svg
www.tfo.org/tfo/static/assets/logo/ 4 KB
4 KB 201ms
200ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/logo/idello-blue.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 119f952c6489c7cdfd2236e6265f9e9d525515e759c8aa018a7bcb977102e6e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-react-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-eb7"
content-length: 3767
content-type: image/svg+xml

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/919210632/ 2 KB
2 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/919210632/?random=1637571316254&cv=9&fst=1637571316254&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tfo.org%2F&tiba=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a2e5b95d9d311cfd084d472adb68fd8aa1ab8b73dbaba141157b3a96dbf30df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-55a7afce7b2c5218/ 166 B
325 B 79ms
65ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-55a7afce7b2c5218/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=25, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 217ms
195ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=619b5af32b002ac3&bkl=0&bl=1&pdt=1197&sid=619b5af32b002ac3&pub=ra-55a7afce7b2c5218&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=www.tfo.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Dessins%20anim%C3%A9s%20et%20jeux%20gratuits%2Ccin%C3%A9ma%20et%20s%C3%A9ries%20pour%20toute%20la%20famille&colc=1637571316263&jsl=129&uvs=619b5af3630eb43b000&skipb=1&callback=addthis.cbs.jsonp__88836882171423960
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 96616dadb8a2071377884cf3fb1025ad72ecf56ecbcbd7a61c7267c5b5ad8ede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F522 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 7B69 71 KB
26 KB 33ms
33ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 22 Nov 2021 08:55:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.fr.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 24ms
9ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.fr.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"5d77be05-fb9"
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.28.17.142, 4.1.176.18
x-host: s7.addthis.com
content-length: 1924
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
date: Mon, 22 Nov 2021 08:55:16 GMT
x-serial: 4016
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
timing-allow-origin: *

GET
H2 200 close-white.svg
www.tfo.org/tfo/static/assets/icons/ 248 B
397 B 178ms
178ms Image
image/svg+xml 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/assets/icons/close-white.svg
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: efbbff1c44fa38d664080a2548ade71e7f2d8588e2384c9a51dbf4251c5e09e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Mon, 24 Aug 2020 11:17:40 GMT
server: nginx
accept-ranges: bytes
etag: "5f43a1d4-f8"
content-length: 248
content-type: image/svg+xml

GET
H2 200 social-btn-icons.png
www.tfo.org/tfo/static/images/global/ 606 B
820 B 178ms
178ms Image
image/png 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tfo.org/tfo/static/images/global/social-btn-icons.png
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 13a21b1f8fea82ca0a4f681dccd3b5d846820146f5a464de4984be8dc7633927

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/cache/fr/tfo-css.css?v=1.2.38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
last-modified: Wed, 20 May 2020 20:02:55 GMT
server: nginx
etag: "5ec58cef-25e"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 606
expires: Mon, 29 Nov 2021 08:55:16 GMT

GET
H/1.1 200
OK image.aspx
6083140.global.siteimproveanalytics.io/ 34 B
225 B 57ms
7ms Image
image/gif 3.127.165.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6083140.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.tfo.org%2F&title=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&res=1600x1200&accountid=6083140&rt=2008&prev=3805004f-fa21-dd2e-61ca-bd790098503f&luid=a3c777ce-83a0-ec44-07f5-3aa8819d20a8&rnd=11864
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.165.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-165-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:16 GMT
Cache-Control: max-age=0
Expires: Mon, 22 Nov 2021 08:55:16 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

POST
H2 200 get_today Show response
www.tfo.org/api/web/program/ 17 KB
6 KB 154ms
154ms Fetch
application/json 52.72.252.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tfo.org/api/web/program/get_today
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/cache/fr/tfo-react-js.js?v=1.2.38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.252.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-252-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1605ebd9e8a24e763e84c3197155d4c7e66bd173209fdbcd68ed82c64d423c95

Request headers

Referer: https://www.tfo.org/
Accept-Language: de-DE,de;q=0.9
X-requested-lang: fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
content-encoding: gzip
allow: POST
server: nginx
x-tfo-version: 1.2.38
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers: X-tfo-session,Content-Type,X-requested-lang,X-device-pairing-uuid,X-device-type,X-mobile-auth
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 requireJS-2.1.11.js Show response
code.adstanding.com/js/lib/ 17 KB
7 KB 59ms
15ms Script
application/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Requested by: Host: adserve.atedra.com
URL: https://adserve.atedra.com/serve.php?z=10958
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 534c0e0a252abfb114b499301a64ad451049adb3acaf83fae64c78e479440860

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: LgbGeeZORkn0Cv4RDbvAGmI0LAuRsw.E
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 01:58:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"6521fd309f14aa2aa675cd367ca7d23f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 22 Nov 2021 08:55:16 GMT
x-amz-cf-id: XDCA0iVrqmkmMP1xuw4v8obZsaf2ChIVqM2BZJpfpa6-HUEUmR71Mw==

GET
H3 200 sdk.js Show response
connect.facebook.net/fr_FR/ 290 KB
82 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=f13f0e2c6bb67d8c86cc541abc2b6f0d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af8ff771c3098292551bf884f95ba3d4996320836e93c1757cf74ac5669ece4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tfo.org/
Origin: https://www.tfo.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sj7VVHIl9hI0Pld7RrdEgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84352
x-fb-rlafr: 0
x-fb-debug: 4vp4kb1TOFFvY2y3x4slzgx+f3zmSj5W1jbKi3Ls94J0Ujh9sGxc2twnY1P3I/ixSrO40P/LxbOgK1rpINDOpA==
x-fb-content-md5: d182ac371d01f82c26d2c7e0629fe4f0
x-frame-options: DENY
date: Mon, 22 Nov 2021 08:55:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c9425a09124e172b99c99758247eb5b7"
timing-allow-origin: *
priority: u=5,i
expires: Tue, 22 Nov 2022 08:45:38 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/919210632/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/919210632/?random=1637571316254&cv=9&fst=1637568000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.tfo.org%2F&tiba=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&fmt=3&is_vtc=1&random=3783972121&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/919210632/ 42 B
64 B 38ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/919210632/?random=1637571316254&cv=9&fst=1637568000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.tfo.org%2F&tiba=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&fmt=3&is_vtc=1&random=3783972121&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 37ms
37ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1423641984531395&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.tfo.org%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=f13f0e2c6bb67d8c86cc541abc2b6f0d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: /OadM0Gbg5U4E2BtJIFNzF8YAgjLVsNThbbOq6FHfo/TIbGFOY0hORRK1yAbcPKTZ6U7Y0P6X0JpKIIxzCuupQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 22 Nov 2021 08:55:16 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tfo.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adstanding.js Show response
code.adstanding.com/js/1629424676/ 11 KB
4 KB 8ms
8ms Script
application/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.adstanding.com/js/1629424676/adstanding.js
Requested by: Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7d6f3b781dc8fa1b86bb45a5d8a5fb2baaf6b56eed1af59586dbdacdab24924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: tbii7EXuNj2s8OChQt9qdwfZ0ZEuHFr2
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 01:58:04 GMT
server: AmazonS3
age: 20414
etag: W/"5b6d9b4566b023d7b1abc556ee8004ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 22 Nov 2021 04:50:04 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: sOTmUlPLmwlG9X1Z_jtTytwGJU1DQadC8tsJfJ-isvLbvDVdIGdmTA==

GET
H2 200 jquery-1.11.0.js Show response
code.adstanding.com/js/1629424676/lib/ 95 KB
34 KB 9ms
9ms Script
application/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.adstanding.com/js/1629424676/lib/jquery-1.11.0.js
Requested by: Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce2ec3f966cd758ef66d3ace077fce69e841b6bb0cef719cbfd3b48613480360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 55GEwzYFSVF8qQbOfLsZArYec03lF67L
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 01:58:04 GMT
server: AmazonS3
age: 15075
etag: W/"d7ff56776a978210999002eeb5e5694e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 22 Nov 2021 04:50:04 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -u1HjwhF0eOimNZKmrFO3ohXKNquDDrBrDP5ObQjQfUk-FHdxXFIvw==

GET
H2 200 jquery-xdomainrequest-1.0.1.js Show response
code.adstanding.com/js/1629424676/lib/ 1 KB
1 KB 10ms
9ms Script
application/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.adstanding.com/js/1629424676/lib/jquery-xdomainrequest-1.0.1.js
Requested by: Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 978e247261f11ba9b27dd613f5c55d6e2450e841efbaab21e1caeb024694ef90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: hd6bNYLvQwW9JVsud05DsrmTa.h0wpRX
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 01:58:04 GMT
server: AmazonS3
age: 17447
etag: W/"f2460c4403cc849f0d08b43e3eb5cae6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 22 Nov 2021 04:50:04 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mQDQ9KPkw6w9iX1MfKhxNcfYPRqoqQS4dcKePU1Z4DTKuyuAqezvqw==

GET
H2 200 adstanding-viewability.js Show response
code.adstanding.com/js/1629424676/ 6 KB
2 KB 11ms
10ms Script
application/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.adstanding.com/js/1629424676/adstanding-viewability.js
Requested by: Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74efc15ce02b7e572a4802bc45d58bb898c89123fcd81e33ed6818b95dee01eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 3fukyde3wZp2QeD588efj7BpplcWfMUY
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 01:58:04 GMT
server: AmazonS3
age: 18716
etag: W/"e9fbe7267f40dde15f172e7a5120c0a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 22 Nov 2021 04:50:04 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uuP4hgqpR5yValE02vZKCufIPuX1lmH4uL05PZKLZ8ZBLFN2EWrwxg==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9DA1 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.tfo.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.tfo.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 22 Nov 2021 08:55:16 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ 103 KB
34 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onLoadCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23df2c3f1040fcd3dff1a9cadca416b9fd045638d844c55d9b753038d5c221f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 14:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35077
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 14:25:05 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 566D 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.tfo.org
URL: https://www.tfo.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.tfo.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.tfo.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 22 Nov 2021 08:55:16 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 450A 511 B
897 B 78ms
56ms Document
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a1a21abeb0c01308c95c7f201bbc12022f1519633c2a3ed2dfdfe38bcdc08cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4TtaGtOcc0SumGe2ByI9Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Nov 2021 08:55:16 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-4TtaGtOcc0SumGe2ByI9Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 73375047-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 450A 112 KB
39 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/73375047-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04780cc8befb8f827f7e8bc7e37c74ed77ab6b7e5d9dbaca813a9101b7494cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 21:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39470
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 01:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 21:54:58 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 450A 14 B
58 B 23ms
7ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.tfo.org&client_id=242168012980-0e5rra5t33j8001qas746uamthkgbtkq.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/73375047-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
age: 132
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40
x-xss-protection: 0
expires: Mon, 22 Nov 2021 09:53:04 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 426ms
104ms Script
application/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.tfo.org
URL: https://www.tfo.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 08:55:17 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
Last-Modified: Sun, 21 Nov 2021 05:16:36 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Wed, 22 Nov 2023 08:55:17 GMT

POST
H2

200

/ Show response
mydmp.exelator.com/on-site-tag-load/
Redirect Chain

https://mydmp.exelator.com/on-site-tag-load/?p=1269&g=1&j=d
https://mydmp.exelator.com/on-site-tag-load/?p=1269&g=1&j=d&xl8blockcheck=1

1 KB
2 KB

46ms
46ms

XHR
application/x-javascript

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/on-site-tag-load/?p=1269&g=1&j=d&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 5765e7979a11d9f355b94e34ef2f4f6b09ab5532f45f30010fc3fe44748140eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://www.tfo.org
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

date: Mon, 22 Nov 2021 08:55:16 GMT
server: nginx
x-powered-by: Undertow/1
location: https://mydmp.exelator.com/on-site-tag-load/?p=1269&g=1&j=d&xl8blockcheck=1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://www.tfo.org
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif;charset=UTF-8

POST
H2 200 zones.php Show response
adserve.atedra.com/ 2 KB
1 KB 133ms
132ms XHR
application/json 52.207.30.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adserve.atedra.com/zones.php
Requested by: Host: code.adstanding.com
URL: https://code.adstanding.com/js/1629424676/lib/jquery-1.11.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.30.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-30-122.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5d77b373c2bfd1658d081b8a3b73af79c948c144de57f90a249f737c18713ae5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tfo.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/json; charset=uft-8
access-control-allow-origin: https://www.tfo.org
cache-control: no-store
access-control-allow-credentials: true
expires: 0

POST
H2 200 log
onsite-tag-logs.apps.nielsen.com/ 0
264 B 346ms
110ms Ping
application/octet-stream 52.4.52.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite-tag-logs.apps.nielsen.com/log
Requested by: Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.52.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-52-166.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tfo.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Nov 2021 08:55:17 GMT
server: nginx/1.16.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://sync.teads.tv/ex/sync?gdpr=&gdpr_consent=&us_privacy=
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=e4ed494cdccb29c171859b378a7b4609ced3f172
https://load77.exelator.com/pixel.gif

43 B
334 B

48ms
6ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt: AcO1rgV5JMv/WwwFAA==
x-accel-expires: @1638277274
date: Mon, 22 Nov 2021 08:55:17 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: E356K9iT84Y=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 330843
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Mon, 22 Nov 2021 08:55:17 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&ttd_tpi=1&
https://match.adsrvr.org/track/cmb/generic?ttd_pid=exelate&ttd_tpi=1&
https://loadm.exelator.com/load/?p=204&g=460&buid=58ad6385-ee5a-4eb8-9ae5-b512a7427d5d&j=0
https://load77.exelator.com/pixel.gif

43 B
333 B

6ms
6ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt: AcO1rgUX9yH/WwwFAA==
x-accel-expires: @1638277274
date: Mon, 22 Nov 2021 08:55:17 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: SriHvoOZHqw=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 330843
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Mon, 22 Nov 2021 08:55:17 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_hm=ZWE2OWQ4NzMzZGI5Yjc2NWIyNTU1MjBhNzIwMTk2ZDM&
https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEJ-M9fYKywb_DUW7YActp6U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=ZWE2OWQ4NzMzZGI5Yjc2NWIyNTU1MjBhNzIwMTk2ZDM&

170 B
188 B

46ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=ZWE2OWQ4NzMzZGI5Yjc2NWIyNTU1MjBhNzIwMTk2ZDM&

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 08:55:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 08:55:16 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=ZWE2OWQ4NzMzZGI5Yjc2NWIyNTU1MjBhNzIwMTk2ZDM&
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Floadm.exelator.com%2Fload%2F%3Fp%3D204%26g%3D013%26bi%3D%24UID%26j%3D0
https://loadm.exelator.com/load/?p=204&g=013&bi=2368570951694875968&j=0

0
1 KB

10ms
10ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=013&bi=2368570951694875968&j=0
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 08:55:16 GMT
X-Proxy-Origin: 136.243.198.85; 136.243.198.85; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fab7c291-bd2b-48ad-9c63-f04807881417
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://loadm.exelator.com/load/?p=204&g=013&bi=2368570951694875968&j=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
597 B 145ms
113ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=ea69d8733db9b765b255520a720196d3&p_id=28539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Mon, 22 Nov 2021 08:55:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1620d3efd2d2cb715c9cd3b18249ce02c836cbcb27d63618b7d1c5c574c9a508
x-transaction: e110979a569a3666
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 302ms
302ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=4340&account_id=152221&title=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&url=https%3A%2F%2Fwww.tfo.org%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-6-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

e70410992c99c05bb1c0525dd2c427a969fca16d38d119e1e0088788634fb0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 08:55:17 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 17/6/223
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 559
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
infolettres.groupemediatfo.org/ 50 B
1 KB 675ms
251ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://infolettres.groupemediatfo.org/analytics?conly=true&visitor_id=234425291&visitor_id_sign=ca2abe0c1c6c4d33f4afe4416b436db9ca0178fb0f63b08f8a74ab69d39dd3567c49c0c31e214bbe3321177fd1962e886a7e5efb&pi_opt_in=&campaign_id=4340&account_id=152221&title=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&url=https%3A%2F%2Fwww.tfo.org%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=4340&account_id=152221&title=TFO%20%E2%80%93%20vid%C3%A9os%20pour%20enfants%2C%20chansons%20et%20jeux%2C%20films%20et%20s%C3%A9ries&url=https%3A%2F%2Fwww.tfo.org%2F&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tfo.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 08:55:18 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 17/1/90
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.tfo.org/	1969-12-31 23:59:59	Name: tfo-session Value: f1fab885155a5d5d0580c21e6769d3f1
.google.com/	1970-01-20 03:16:22	Name: NID Value: 511=tqMSbQb01HvZV3DgevsK7opkQsljFWKgiZaOfEiw8ED5c-A5si987UHHwTtEIT6rSizgPROif3Khwx1HF1qBuBpZcCPgfnKPLwir4ZuVIYhsCRxgY_0-D2NdoCtSoyt16w7AQi1yuy16f2XcNkT-UlJolbpmwRA6f1r3QdM58Fc
.tfo.org/	1970-01-20 01:02:27	Name: _gcl_au Value: 1.1.1145510301.1637571316
.tfo.org/	1970-01-20 16:24:03	Name: _ga Value: GA1.2.2052801506.1637571316
.tfo.org/	1970-01-19 22:54:17	Name: _gid Value: GA1.2.2127460528.1637571316
.tfo.org/	1970-01-19 22:52:51	Name: _gat_UA-67499871-1 Value: 1
.scorecardresearch.com/	1970-01-20 16:09:39	Name: UID Value: 1XESC6OVF87CN15Y9NJJBIg1637571316
.tfo.org/	1970-01-20 01:02:27	Name: _fbp Value: fb.1.1637571315931.820208453
.doubleclick.net/	1970-01-20 08:14:27	Name: IDE Value: AHWqTUlP4EQe2bfJnNkA2WDxnMvOPDaSPmW5y0MTEd055qid-m6qerYu1mpPfZP2FTg
www.tfo.org/	1970-01-20 08:21:39	Name: __atuvc Value: 1%7C47
www.tfo.org/	1970-01-19 22:52:53	Name: __atuvs Value: 619b5af3630eb43b000
.tfo.org/	1970-01-20 22:52:51	Name: nmstat Value: 3805004f-fa21-dd2e-61ca-bd790098503f
.addthis.com/	1970-01-20 08:21:39	Name: uvc Value: 1%7C47
.www.tfo.org/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.addthis.com/	1970-01-20 08:21:39	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4MzAwMzAwMDBDSA==
.exelator.com/	1970-01-20 01:45:39	Name: EE Value: "ea69d8733db9b765b255520a720196d3"
.exelator.com/	1970-01-20 01:45:39	Name: ud Value: "eJxrXxzq6XKLQSE10cwyxcLc2DglyTLJ3Mw0ycjU1NTIINHcyMDQ0izFeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F71ucBwBW9imx"
.atedra.com/	1970-01-20 07:38:27	Name: _adstanding_id Value: 403329c5bd9bd2311dfa36b7855f69be
.adnxs.com/	1970-01-20 01:02:27	Name: uuid2 Value: 2368570951694875968
.exelator.com/	1970-01-20 01:45:39	Name: hsk_350 Value: "gAAAAAQAAABrKLUv%252FSBrWQMAiKRidWlkszIzNjg1NzA5NTE2OTQ4NzU5NjijaHNrpDU0MzmoZGVsaXZlcnmkNTQzOaN2ZXIHpWJuYW1lp1MyMDRBUE6ldHNlZ3OvMjYzODUyNywxNjE5NzAwpWJjb2RlzQFeonRzylO%252Bo24%253D"
.exelator.com/	1970-01-20 01:45:39	Name: hsk_1721 Value: "gAAAAAQAAAB6KLUv%252FSB60QMAiKRidWlk2gAoZTRlZDQ5NGNkY2NiMjljMTcxODU5YjM3OGE3YjQ2MDljZWQzZjE3MqNoc2ukNTQzOahkZWxpdmVyeaQ1NDM5o3ZlcgGlYm5hbWWnUzIwNFREU6V0c2Vnc6cyNTUyNDYxpWJjb2RlzQa5onRzylO%252Bo24%253D"
.adsrvr.org/	1970-01-20 07:38:27	Name: TDID Value: 58ad6385-ee5a-4eb8-9ae5-b512a7427d5d
.adsrvr.org/	1970-01-20 07:38:27	Name: TDCPM Value: CAESFgoHZXhlbGF0ZRILCKi7yuf655Y6EAUYBSABKAIyCwiAi4-UkeiWOhAFOAE.
.twitter.com/	1970-01-20 16:24:03	Name: personalization_id Value: "v1_piNKkehYYasGYdGquwC7Bw=="
.exelator.com/	1970-01-20 01:45:39	Name: hsk_911 Value: "gAAAAAQAAAB2KLUv%252FSB2sQMAiKRidWlk2gAkNThhZDYzODUtZWU1YS00ZWI4LTlhZTUtYjUxMmE3NDI3ZDVko2hza6Q1NDM5qGRlbGl2ZXJ5pDU0MzmjdmVyAqVibmFtZadTMjA0VFREpXRzZWdzpzI0OTYwMDWlYmNvZGXNA4%252BidHPKU76jbg%253D%253D"
.pardot.com/	1970-01-23 14:28:51	Name: visitor_id151221 Value: 234425291
.pardot.com/	1970-01-23 14:28:51	Name: visitor_id151221-hash Value: ca2abe0c1c6c4d33f4afe4416b436db9ca0178fb0f63b08f8a74ab69d39dd3567c49c0c31e214bbe3321177fd1962e886a7e5efb
pi.pardot.com/	1970-01-19 22:52:53	Name: lpv151221 Value: aHR0cHM6Ly93d3cudGZvLm9yZy8%3D
www.tfo.org/	1970-01-23 14:28:51	Name: visitor_id151221 Value: 234425291
www.tfo.org/	1970-01-23 14:28:51	Name: visitor_id151221-hash Value: ca2abe0c1c6c4d33f4afe4416b436db9ca0178fb0f63b08f8a74ab69d39dd3567c49c0c31e214bbe3321177fd1962e886a7e5efb
infolettres.groupemediatfo.org/	1970-01-23 14:28:51	Name: visitor_id151221 Value: 234425291
infolettres.groupemediatfo.org/	1970-01-23 14:28:51	Name: visitor_id151221-hash Value: ca2abe0c1c6c4d33f4afe4416b436db9ca0178fb0f63b08f8a74ab69d39dd3567c49c0c31e214bbe3321177fd1962e886a7e5efb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0031/9383.js?454880 Message: Failed to load resource: the server responded with a status of 410 ()
javascript	warning	URL: https://adserve.atedra.com/serve.php?z=10958(Line 61) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10349983.fls.doubleclick.net
6083140.global.siteimproveanalytics.io
accounts.google.com
adserve.atedra.com
adservice.google.com
analytics.twitter.com
apis.google.com
cdn.exelator.com
cdn.mouseflow.com
cm.g.doubleclick.net
code.adstanding.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
infolettres.groupemediatfo.org
load77.exelator.com
loadm.exelator.com
m.addthis.com
match.adsrvr.org
mydmp.exelator.com
onsite-tag-logs.apps.nielsen.com
pi.pardot.com
s3.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
script.crazyegg.com
siteimproveanalytics.com
ssl.gstatic.com
stats.g.doubleclick.net
sync.teads.tv
tfo.org
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.tfo.org
z.moatads.com
s7.addthis.com
104.111.242.245
104.244.42.131
104.75.88.126
142.250.185.166
142.250.185.226
142.250.74.194
143.204.98.10
143.204.98.127
143.204.98.87
18.198.69.109
18.232.28.189
185.33.220.216
2.18.235.40
23.111.9.38
2606:4700:3031::ac43:91b0
2606:4700::6813:9408
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:828::200d
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c0a::9a
2a02:6ea0:c700::11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.127.165.70
35.71.131.137
52.207.30.122
52.217.67.14
52.4.52.166
52.72.252.63
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d838ed416818175d568fd1591a3dc52d4ed6d020171544485cb63f6929ce000
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119f952c6489c7cdfd2236e6265f9e9d525515e759c8aa018a7bcb977102e6e5
11aa76bf8d314693c65e18d0946d5a4b059e383b010161828028f4bc8066bef4
13a21b1f8fea82ca0a4f681dccd3b5d846820146f5a464de4984be8dc7633927
1605ebd9e8a24e763e84c3197155d4c7e66bd173209fdbcd68ed82c64d423c95
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
17438dfdd93697f1fac8ed49976a8e4161933c89eb32fde545a00a67159eed4f
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
208a5f0035cb0710fa4b7932334162179b52c889175eb183ca61cb116d616244
21d79e25e330e4fc40b8b01864abb82f7ee0498331bf34a7a344019a0d082007
23df2c3f1040fcd3dff1a9cadca416b9fd045638d844c55d9b753038d5c221f3
2472a1dbe7add75e3b0194069c511d129819cb31d1f4f61406c471b13e70e9ff
25510a7fd934a580116ebf8bbf2e05b86986eb8cdabf383c58b488d51f7b400c
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
401f8ed0d4a03acff7b86bafdc359c0da5188719626c8ed1ed1eed0038d5d14f
4112275fe878d4b037316a449f7516817d3c7da7839eb532b81c80b309b36df5
442d6fa62d9f10b2b01f1b70c22d704872156d47cf951df16b6d41faf9352401
4b8723ae9e4ef196951550ad05b4ad187007764a3b519bc4b4d352a4fc634367
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
5241ed1713c1c60805016375ea8e00f8a5bbccdfb177b731040c8ee46706a528
527bb5f9b6d9198713a32f69098cef60b0b56e679aa4485b15724120ea76eea0
534c0e0a252abfb114b499301a64ad451049adb3acaf83fae64c78e479440860
5765e7979a11d9f355b94e34ef2f4f6b09ab5532f45f30010fc3fe44748140eb
5d0719af5d85776203e03dc7d0b0d26005c01cd7b493670bbfd8d6dee32084ae
5d77b373c2bfd1658d081b8a3b73af79c948c144de57f90a249f737c18713ae5
5f48f77baf80d92024dcaa090069c00709b5a7ae469ea678716fc68cf7336f77
637b8412c83c240facd9a30062ecdc9c1e8cb66e0f7ead96f372f98dfb5770ca
68e75f3bb8632144f5e3a8e065b61a93e4eb03e116cab82207ab3eea80e84e80
696953d0bb0372f9eec65ca6a8f8390e7a5d73df0a2aeb29c44e934cf114f7fc
6b224e947554115ffe0cc97a0c5ad1a3d445d2310b94024c6c3019ce2bc7e8c9
70fbf9692a9a82503e6c78401ad3001cfbaee1b14315504ffce9bbe690d801c4
7166c3938cadaaac79131b889a7ece70cc193f4ed20294516192b0b3f3e681cf
72a38c81694257079551b18f00857651975d836c3da0cb774ff7733603d7ec86
749ab12ee2832124f50e8d4e605bfe0beecfaa47958f9be7ac252f321647b853
74efc15ce02b7e572a4802bc45d58bb898c89123fcd81e33ed6818b95dee01eb
78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc
7a1a21abeb0c01308c95c7f201bbc12022f1519633c2a3ed2dfdfe38bcdc08cc
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7debb75ac791f55ac1b7251e72951d88d773bcc6d6f4ea7786d14c9313078169
7f9c88c9549056858c05d8774daf576b90a947629e536c1975fd97e2e5b2c879
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83479d5c116700383533b6a043587f2f955a2720e2b2b762a3bdb32ea32f715c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85881ebdb0a175c71ec459c6930c7e60865b13e80a42a146d20c2f3d1884d19b
89447886a61ebd797564eafbfad1774659fa3bf3414c5500f2fb91c42fe4a8e9
89f5036bc75faebd82de582288170b1ac2a7ea391b8e3cf65e53325bda265692
8a2e5b95d9d311cfd084d472adb68fd8aa1ab8b73dbaba141157b3a96dbf30df
8c6fd124804f909d0e5c56910b8822711d6c67b5584d59714c2a689300d76d38
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
92575a5287c596360a2b66825a4bf26167bf823cd2618f3f7f939fa95c56d03e
92a262eb84f12ef7a291a552222614183004e4b2f85eff88a4779a8bba340ea9
96616dadb8a2071377884cf3fb1025ad72ecf56ecbcbd7a61c7267c5b5ad8ede
978e247261f11ba9b27dd613f5c55d6e2450e841efbaab21e1caeb024694ef90
9a929ca0cc4712498fd145f7f260dcd088ebbca199942952651bc6306999bbec
9b112575fe3a60de423350c134a156bb07d352b88167b3f5990fc1e4843bfd42
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af8ff771c3098292551bf884f95ba3d4996320836e93c1757cf74ac5669ece4d
b04780cc8befb8f827f7e8bc7e37c74ed77ab6b7e5d9dbaca813a9101b7494cc
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2f17a9fe998f0c813c8c2f771a5a94e79f1df0eded171b61be917fa04ce5749
b85d4faa9763a7d2c64bfe03f6e2c8a93c3da77cb5ab773eca17aae677febf66
bea1ca796c37d7451a6bb3538841b70ae5c94604b8bb90c3271b0fe0b5b90062
bee094a0168e839078e719a45337032d9e69ad61dd210c9e300f9f8d98f509b3
c03a1fb42c50bf69ffa937ad7df66fcc1b1bfea628a3c7457d030e5d52f2530f
c66c6f28739b8b7de0e0cead39e6b62bb2b5c1887524e0d6b455f46aa3d86bc0
c6d4dd282d851c4f1ee12249e8c7dc0fca32cba8c04ab6ec4dcb9d0a338fdc08
c7d6f3b781dc8fa1b86bb45a5d8a5fb2baaf6b56eed1af59586dbdacdab24924
c7db04ec3e9ef843d395f18f458eca9321a106396aba65cf30c38a3ae223b32e
c92f2b5cf5852e5997c60f5ce8cae4d044949e50578977b50f4397f93113345d
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
ce2ec3f966cd758ef66d3ace077fce69e841b6bb0cef719cbfd3b48613480360
ce34b37175d2e485f280aae53d81592d8213a6777676961e94aaf2da29032b0b
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
dc523e4d55abdb3eec801d8b6c8852d9d4aef8981ef354fc33679c7d57606268
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ad47f0b97b219139ac1c39515606fbd6dc44ac79a2849d47d9457ea0dcf61a
e6f06e68516bac47a446c6297893240e734bdfe72eac22db881f2c3096207ddf
e70410992c99c05bb1c0525dd2c427a969fca16d38d119e1e0088788634fb0ad
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ecdc9cf0f73212943abd1775902ee280574aa7fd60932a425b979981db43f694
ecf91b629666b295cbc9f1b7f5689a9c82c61863dfc76da92fd7edeab0f5f255
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbbff1c44fa38d664080a2548ade71e7f2d8588e2384c9a51dbf4251c5e09e1
f8d822e6145555621bb955c95bf26cf4c75631cc2826e915a6b00abe3ec262f4
fb5bc358e9145b692f3b4e3552aab4d91a37fb32ef1f62b8c820431176f9a65d

www.tfo.org Open in urlscan Pro 52.72.252.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

110 Requests

93 %HTTPS

47 %IPv6

30 Domains

43 Subdomains

36 IPs

4 Countries

3815 kBTransfer

7170 kBSize

32 Cookies

6 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tfo.org Open in urlscan Pro
52.72.252.63 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

93 %
HTTPS

47 %
IPv6

30
Domains

43
Subdomains

36
IPs

4
Countries

3815 kB
Transfer

7170 kB
Size

32
Cookies

110 HTTP transactions
0 data transactions