boniver.org Open in urlscan Pro
151.101.66.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://boniver.org/
Effective URL:
https://boniver.org/
Submission: On November 14 via api (November 14th 2022, 4:05:07 am UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 27 domains to perform 132 HTTP transactions. The main IP is 151.101.66.159, located in United States and belongs to FASTLY, US. The main domain is boniver.org.
TLS certificate: Issued by R3 on September 15th 2022. Valid for: 3 months.

This is the only time boniver.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	151.101.66.159 151.101.66.159	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:d400:11:65f0:c080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
12	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:223... 2600:9000:223c:5200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4 8	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
16	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
4	52.36.162.60 52.36.162.60	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:806:7e95:75ec:c485	14618 (AMAZON-AES) (AMAZON-AES)
1	54.146.241.124 54.146.241.124	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.18.12.14 104.18.12.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
5 12	3.210.106.149 3.210.106.149	14618 (AMAZON-AES) (AMAZON-AES)
2 2	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
8 8	3.126.211.249 3.126.211.249	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
4 4	54.229.28.236 54.229.28.236	16509 (AMAZON-02) (AMAZON-02)
2 4	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
2 2	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	2600:1f18:ed:... 2600:1f18:ed:550e:c0f4:8461:4273:acdc	14618 (AMAZON-AES) (AMAZON-AES)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
132	30

10 151.101.66.159 (United States) 1 redirects

ASN54113 (FASTLY, US)

boniver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:d400:11:65f0:c080:93a1 (United States)

ASN16509 (AMAZON-02, US)

tracking.aegpresents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

6719212.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9382130.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.36.162.60 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-162-60.us-west-2.compute.amazonaws.com

b.aegpresents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:806:7e95:75ec:c485 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.241.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-241-124.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.14 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.210.106.149 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-106-149.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.205.242 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.126.211.249 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-211-249.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.229.28.236 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-28-236.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.236 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:ed:550e:c0f4:8461:4273:acdc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 6719212.fls.doubleclick.net — Cisco Umbrella Rank: 88968 9382130.fls.doubleclick.net — Cisco Umbrella Rank: 86248 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	14 KB
19	liadm.com 6 redirects b-code.liadm.com — Cisco Umbrella Rank: 3046 rp.liadm.com — Cisco Umbrella Rank: 1515 rp4.liadm.com — Cisco Umbrella Rank: 6981 i.liadm.com — Cisco Umbrella Rank: 551 i6.liadm.com — Cisco Umbrella Rank: 1726	23 KB
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	413 B
15	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4753 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
12	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 804	107 KB
11	google.de www.google.de — Cisco Umbrella Rank: 5922	1 KB
10	boniver.org 1 redirects boniver.org	769 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	4 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	561 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	449 KB
6	aegpresents.com tracking.aegpresents.com — Cisco Umbrella Rank: 82292 b.aegpresents.com — Cisco Umbrella Rank: 78089	79 KB
5	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1393 match.adsrvr.org — Cisco Umbrella Rank: 341 insight.adsrvr.org — Cisco Umbrella Rank: 573	3 KB
4	addthis.com 2 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1192	2 KB
4	demdex.net 4 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	4 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 745 s.tribalfusion.com — Cisco Umbrella Rank: 1840 a4.tribalfusion.com — Cisco Umbrella Rank: 28440	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	20 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 531	582 B
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 636	488 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4467	754 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 446	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	2 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 279	2 KB
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1195	532 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 528	396 B
1	t.co t.co — Cisco Umbrella Rank: 475	376 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 603	15 KB
0	trendmicro.com Failed hes32-ctp.trendmicro.com Failed
132	27

	Domain	Requested by
16	www.facebook.com	boniver.org
12	i.liadm.com	5 redirects b-code.liadm.com i.liadm.com
12	analytics.tiktok.com	boniver.org analytics.tiktok.com
11	www.google.de	boniver.org
10	www.google.com	boniver.org
10	googleads.g.doubleclick.net	www.googletagmanager.com
10	boniver.org	1 redirects boniver.org
8	x.bidswitch.net	8 redirects
8	www.googletagmanager.com	boniver.org www.googletagmanager.com tracking.aegpresents.com
6	9382130.fls.doubleclick.net	3 redirects www.googletagmanager.com
6	connect.facebook.net	boniver.org connect.facebook.net
4	x.dlx.addthis.com	2 redirects i.liadm.com
4	dpm.demdex.net	4 redirects
4	adservice.google.com	9382130.fls.doubleclick.net 6719212.fls.doubleclick.net
4	b.aegpresents.com	tracking.aegpresents.com
3	i6.liadm.com	i.liadm.com
2	insight.adsrvr.org	js.adsrvr.org
2	b1sync.zemanta.com	2 redirects
2	trc.taboola.com	i.liadm.com
2	pool.admedo.com	2 redirects
2	match.adsrvr.org	i.liadm.com
2	sync.mathtag.com	2 redirects
2	ib.adnxs.com	1 redirects boniver.org
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	s.amazon-adsystem.com	1 redirects boniver.org
2	6719212.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	b-code.liadm.com	www.googletagmanager.com b-code.liadm.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tracking.aegpresents.com	boniver.org
1	ums.acuityplatform.com	1 redirects
1	a4.tribalfusion.com	1 redirects
1	rp4.liadm.com	boniver.org
1	rp.liadm.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	boniver.org
1	t.co	boniver.org
1	a.tribalfusion.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
0	hes32-ctp.trendmicro.com Failed	boniver.org
132	42

This site contains links to these domains. Also see Links.

Domain
smarturl.it
store.boniver.org
eu.store.boniver.org
aus.store.boniver.org
www.facebook.com
twitter.com
www.instagram.com
premier.ticketek.com.au
monafoma.net.au
masscult.co

Subject Issuer	Validity	Valid
boniver.org R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tracking.aegpresents.com Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://boniver.org/
Frame ID: F85C88D6DF2864174288B7DB393772D7
Requests: 104 HTTP requests in this frame

Frame: https://6719212.fls.doubleclick.net/activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F
Frame ID: 93AE3F96C5BF1B8F3F7912D3F1039C3D
Requests: 2 HTTP requests in this frame

Frame: https://9382130.fls.doubleclick.net/activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F
Frame ID: 3E0D45824001440D72F88EB5C4E64973
Requests: 2 HTTP requests in this frame

Frame: https://9382130.fls.doubleclick.net/activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F
Frame ID: F6CA018128D02C104847E70A9BDB1F9B
Requests: 2 HTTP requests in this frame

Frame: https://9382130.fls.doubleclick.net/activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F
Frame ID: C4C2B9BA035118647A6A2DC072EBB329
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 8500BAF562BF046657D622D667A19907
Requests: 8 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: B93C3D2942DE4E80E1C8413127F3AFAC
Requests: 8 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Fboniver.org%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=Bon%20Iver&td6=undefined&td7=boniver.org&td8=music&td9=folk
Frame ID: FFC0B996986F38C2AE9DDAB92BFACD0E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Fboniver.org%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=Bon%20Iver&td6=undefined&td7=boniver.org&td8=music&td9=folk
Frame ID: 02FE80B525D342C3F0FF428E750F7879
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bon Iver

Page URL History Show full URLs

http://boniver.org/ HTTP 301
https://boniver.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

132
Requests

89 %
HTTPS

43 %
IPv6

27
Domains

42
Subdomains

30
IPs

6
Countries

2045 kB
Transfer

5171 kB
Size

41
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://smarturl.it/boniverstore
Title: Store

Search URL Search Domain Scan URL

URL: https://store.boniver.org/
Title: US Store

Search URL Search Domain Scan URL

URL: https://eu.store.boniver.org/
Title: EU Store

Search URL Search Domain Scan URL

URL: https://aus.store.boniver.org/
Title: OZ Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/boniverwi

Search URL Search Domain Scan URL

URL: https://twitter.com/boniver

Search URL Search Domain Scan URL

URL: https://www.instagram.com/boniver/

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.au/shows/show.aspx?sh=BONIVER23
Title: TICKETS

Search URL Search Domain Scan URL

URL: https://monafoma.net.au/
Title: TICKETS

Search URL Search Domain Scan URL

URL: https://masscult.co/
Title: Masscult

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://boniver.org/ HTTP 301
https://boniver.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://6719212.fls.doubleclick.net/activityi;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F HTTP 302
https://6719212.fls.doubleclick.net/activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F

Request Chain 38

https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F HTTP 302
https://9382130.fls.doubleclick.net/activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F

Request Chain 40

https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F HTTP 302
https://9382130.fls.doubleclick.net/activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F

Request Chain 41

https://9382130.fls.doubleclick.net/activityi;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F HTTP 302
https://9382130.fls.doubleclick.net/activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F

Request Chain 46

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383&dcc=t

Request Chain 76

https://rp.liadm.com/j?dtstmp=1668398701475&aid=a-08c7&se=e30&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&tna=v2.5.1&pu=https%3A%2F%2Fboniver.org%2F&wpn=lc-bundle&c=PHRpdGxlPkJvbiBJdmVyIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Imh0dHBzOi8vdC5jby82djBHZldPTzhoIj48aDEgY2xhc3M9InNlY3Rpb24tdGl0bGUiPjxhIGhyZWY9Ii9uZXdzIj5OZXdzPC9hPjwvaDE-PGgxIGNsYXNzPSJzZWN0aW9uLXRpdGxlIj48YSBocmVmPSIvdG91ciI-VG91cjwvYT48L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1668398701475&aid=a-08c7&se=e30&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&tna=v2.5.1&pu=https%3A%2F%2Fboniver.org%2F&wpn=lc-bundle&c=PHRpdGxlPkJvbiBJdmVyIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Imh0dHBzOi8vdC5jby82djBHZldPTzhoIj48aDEgY2xhc3M9InNlY3Rpb24tdGl0bGUiPjxhIGhyZWY9Ii9uZXdzIj5OZXdzPC9hPjwvaDE-PGgxIGNsYXNzPSJzZWN0aW9uLXRpdGxlIj48YSBocmVmPSIvdG91ciI-VG91cjwvYT48L2gxPg&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOmVkZDphMGNhOmRhOTM%3D&n3pc=true

Request Chain 97

https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%222969779413%22%2C%22th%22%3A8279861476%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22armneM3cUXXb3ATAXp5mFb2S7nQ6JLAf%22%2C%22url%22%3A%22https%3A%2F%2Fboniver.org%2F%22%2C%22clientName%22%3A%22AEG%2520-%2520Rogers%2520Waters%22%2C%22clientID%22%3A797983%2C%22eventType%22%3A%22insights%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22AEGRogerWatersInsight%22%7D HTTP 302
https://a4.tribalfusion.com/ipg?ip6=2001:ac8:20:3d00:1012:edd:a0ca:da93&kv=%7B%22ord%22%3A%207454317%2C%20%22clientID%22%3A%20797983%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$ HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24

Request Chain 115

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa9beee41c8444f3c8916b077d4add7d5%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&ea01e67e-4dc4-4dad-9d25-51a083feac77 HTTP 302
https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=7156&muid=088e6371-be6f-4b00-bece-487be72920d5

Request Chain 117

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152 HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77 HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=151a43ae-dd83-40ce-a795-090d263d7152 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=151a43ae-dd83-40ce-a795-090d263d7152 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2c50b60f-f108-4939-a701-55ffa036c448&user_group=1&ssp=liveintent&bsw_param=151a43ae-dd83-40ce-a795-090d263d7152 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152

Request Chain 118

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa9beee41c8444f3c8916b077d4add7d5%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa9beee41c8444f3c8916b077d4add7d5%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=82775&muid=40517952645631345970329347599536815864

Request Chain 119

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y

Request Chain 121

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Request Chain 122

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa637e6c3ad9a46f3b5083fe4d5418628%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&ea01e67e-4dc4-4dad-9d25-51a083feac77 HTTP 302
https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=7156&muid=265a6371-be6f-4300-9577-2a2fb37848d2

Request Chain 124

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a84739a8-238c-46aa-9e0b-269fed23ec2d HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77 HTTP 302
https://ums.acuityplatform.com/bum?tpid=29&uid=151a43ae-dd83-40ce-a795-090d263d7152&bidswitch_ssp_id=liveintent HTTP 302
https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=liveintent HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152 HTTP 303
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152

Request Chain 125

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa637e6c3ad9a46f3b5083fe4d5418628%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa637e6c3ad9a46f3b5083fe4d5418628%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=82775&muid=74421082995705287412500562063660528886

Request Chain 126

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y

Request Chain 128

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
boniver.org/
Redirect Chain

http://boniver.org/
https://boniver.org/

56 KB
15 KB

56ms
16ms

Document
text/html

151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

337e24fe8cc111c949a7ff16d47d68a3f23546a9a28341c5468e311ed1fb6629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 14586
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 04:05:00 GMT
fastly-restarts: 1
link: <https://boniver.org/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 1
x-cacheable: YES
x-content-type-options: nosniff
x-fw-dynamic: TRUE
x-fw-hash: u7rqgrococ
x-fw-serve: TRUE
x-fw-server: Flywheel/5.1.0
x-fw-static: NO
x-fw-type: VISIT
x-fw-version: 5.0.0
x-served-by: cache-hhn4071-HHN
x-timer: S1668398701.651860,VS0,VE2
x-xss-protection: 1

Redirect headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 14 Nov 2022 04:05:00 GMT
Location: https://boniver.org/
Referrer-Policy: no-referrer-when-downgrade
Server: Flywheel/5.1.0
Vary: Authorization
X-Cache: HIT
X-Cache-Hits: 1
X-Content-Type-Options: nosniff
X-FW-Hash: u7rqgrococ
X-FW-Serve: TRUE
X-FW-Server: Flywheel/5.1.0
X-FW-Static: NO
X-FW-Type: VISIT
X-FW-Version: 5.0.0
X-Served-By: cache-hhn4076-HHN
X-Timer: S1668398701.592199,VS0,VE1
X-XSS-Protection: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 121ms
70ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70046424-2

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7fb8666a265082a69632025a9298282851c4f0d96aa73667869cf1f65eae0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43614
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 04:05:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 139ms
88ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982444711

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c90bb5f8ac9e44aee4fbf60c43b1fddea4529bd7e2189cdbb696140d29310ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53033
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 04:05:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 49ms
46ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CK5BY8H3B3

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a9a0bff924dab382273ddbff898e3f15906b4852daab7d0f805822037dfe4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 04:05:00 GMT

GET
H2 200 style.min.css
boniver.org/wp-includes/css/dist/block-library/ 87 KB
14 KB 24ms
24ms Stylesheet
text/css 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://boniver.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 13906
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.675705,VS0,VE1
etag: W/"634e6020-15b64"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 app.css
boniver.org/wp-content/themes/boniver/assets/stylesheets/ 176 KB
33 KB 18ms
18ms Stylesheet
text/css 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://boniver.org/wp-content/themes/boniver/assets/stylesheets/app.css?ver=1590637844

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

013d4602ea9582548d72a288920d6c1e778cbdec1b7658576a50c5440d64b0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 33463
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 May 2020 03:50:44 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.675683,VS0,VE1
etag: W/"5ecf3514-2c163"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 app.js Show response
boniver.org/wp-content/themes/boniver/assets/scripts/ 262 KB
87 KB 25ms
25ms Script
application/javascript 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://boniver.org/wp-content/themes/boniver/assets/scripts/app.js?ver=1590637844

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

c01c8830e13c986ac8bc22f773bef782e81fefa54a427b2874d6cf824509b1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 89331
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 May 2020 03:50:44 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.675661,VS0,VE1
etag: W/"5ecf3514-41892"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 brand.svg
boniver.org/wp-content/themes/boniver/assets/images/ 4 KB
2 KB 29ms
25ms Image
image/svg+xml 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boniver.org/wp-content/themes/boniver/assets/images/brand.svg

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

05810a098f3047b0fba1308d6f002a23065a31c7d3568afa8610b1c31bc223c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 1843
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 May 2020 22:35:49 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.816293,VS0,VE1
etag: W/"5ec30dc5-eb0"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 universalpixel.js Show response
tracking.aegpresents.com/universalpixel/ 353 B
720 B 117ms
12ms Script
application/javascript 2600:9000:225e:d400:11:65f0:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1668470400000
Requested by: Host: boniver.org
URL: https://boniver.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: yzC2d5nyWhAWpaIfBFOzFwofkVYfpPI6
date: Mon, 14 Nov 2022 01:30:49 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Thu, 25 Oct 2018 06:36:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 9270
etag: "43b149699f79e5268943f6db2d7e2edb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 353
x-amz-cf-id: x7hRgXfb-ANQz1evnk7nV6Yvg3EGz5EWUVwHo4rDKrjdqoDvAf4msg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 71ms
19ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 14 Nov 2022 04:05:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hZH92LEJrt8G6f0DvdFx0M7MkvbeAasBpOVa7keCBFXQmIQ3m73JUh/lw2oaEwu1D2Gw96V93w03cMGQ5zkKMg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET query
hes32-ctp.trendmicro.com/wis/clicktime/v1/ 0
0

GET
H2 200 wp-emoji-release.min.js Show response
boniver.org/wp-includes/js/ 18 KB
6 KB 24ms
21ms Script
application/javascript 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://boniver.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 5515
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.816303,VS0,VE1
etag: W/"634e6020-48b9"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 344ms
14ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70046424-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 03:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 14 Nov 2022 05:24:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 66ms
61ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982444711&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70046424-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c288a4166ec88115eb20083aec86caf9e815d5840c3d32b502d60ce368770753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53029
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 04:05:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CK5BY8H3B3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70046424-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf36b56d4fdf91496111a42f0aa3abcae1702a188a80f56365b0b7b589559b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 04:05:00 GMT

GET
H2 200 bg-landing.jpg
boniver.org/wp-content/themes/boniver/assets/images/ 562 KB
535 KB 24ms
24ms Image
image/jpeg 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boniver.org/wp-content/themes/boniver/assets/images/bg-landing.jpg

Requested by

Host: boniver.org
URL: https://boniver.org/wp-content/themes/boniver/assets/stylesheets/app.css?ver=1590637844

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b3024fbbae4e422bcf07b5ed42e48dd2f0e41023b9390de5c4ce130fe9d2f8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/wp-content/themes/boniver/assets/stylesheets/app.css?ver=1590637844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 547158
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 May 2020 22:35:50 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.843408,VS0,VE7
etag: W/"5ec30dc6-8c741"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 0-450x360.jpg
boniver.org/wp-content/uploads/2020/05/ 27 KB
26 KB 18ms
18ms Image
image/jpeg 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boniver.org/wp-content/uploads/2020/05/0-450x360.jpg

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

dfb945157f5dd2a5919fa8f7a006dcd547acb9bee5ed5d31a3cb72357b1c0ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 26737
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 May 2020 22:51:27 GMT
server: Flywheel/5.1.0
x-timer: S1668398701.843517,VS0,VE1
etag: W/"5ec3116f-6cd8"
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 404 undefined
boniver.org/ 51 KB
51 KB 191ms
191ms Image
text/html 151.101.66.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boniver.org/undefined

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6a2b1d11495f65f8c6d44c2684ffb955e36ad134962f6cf1ab14eccefbdde8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fw-static: NO
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: NO:Not Cacheable
x-fw-server: Flywheel/5.1.0
x-cache: MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-hhn4071-HHN
x-fw-type: VISIT
content-length: 13660
referrer-policy: no-referrer-when-downgrade
x-fw-dynamic: TRUE
server: Flywheel/5.1.0
x-timer: S1668398701.867585,VS0,VE171
x-fw-hash: u7rqgrococ
x-fw-version: 5.0.0
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-fw-serve: TRUE
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
link: <https://boniver.org/wp-json/>; rel="https://api.w.org/"
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982444711/ 2 KB
1 KB 90ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982444711/?random=1668398700881&cv=11&fst=1668398700881&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982444711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd087862e2a3ef1f518e1b259232080e0350c8586eb387599201d1594dbc643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 864
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982444711/ 2 KB
2 KB 83ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982444711/?random=1668398700915&cv=11&fst=1668398700915&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=_NqjCKvDs58BEKfVu9QD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982444711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9080e229a1a92ca50920aa6e76c37e36d721e079aea8090aa87822d5916b23c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 917
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1014675772&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CK5BY8H3B3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c4836a0b6d85c8abaebd16c604345408775059072208928b520cd8eb60a4a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52999
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 04:05:00 GMT

GET
H3 200 479388125538064 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 105ms
75ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/479388125538064?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95865b042a90f7d70bf5a7b1335a715287493a25f34a9913a44c9b739dda61e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LxHlghpcT68C06rRIdlKuDkHv3ORIpI9KRpgqVyIZcNlYIw6LkYRSzbWsASxjMVLLxc2quCH2i+1xQ4/A3ARpg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 75ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CK5BY8H3B3&gtm=2oeb90&_p=2025103792&cid=1184729584.1668398701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668398700&sct=1&seg=0&dl=https%3A%2F%2Fboniver.org%2F&dt=Bon%20Iver&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CK5BY8H3B3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://boniver.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 599 KB
139 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Requested by

Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1668470400000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26406fb3c2ab048933e0e626eef3485e51fcb5775265cc9c6a98e77650355bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141823
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/982444711/ 42 B
108 B 80ms
29ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982444711/?random=1668398700881&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3815019335&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/982444711/ 42 B
548 B 76ms
27ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982444711/?random=1668398700881&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3815019335&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/982444711/ 42 B
548 B 78ms
29ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982444711/?random=1668398700915&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=_NqjCKvDs58BEKfVu9QD&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=event%3Dconversion&fmt=3&is_vtc=1&random=3653492227&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/982444711/ 42 B
108 B 76ms
28ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982444711/?random=1668398700915&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=_NqjCKvDs58BEKfVu9QD&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=event%3Dconversion&fmt=3&is_vtc=1&random=3653492227&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014675772/ 2 KB
962 B 80ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014675772/?random=1668398701018&cv=11&fst=1668398701018&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=JbxOCO2a2qkBELzy6uMD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&value=1&currency_code=GBP&auid=1349383364.1668398701&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1014675772&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad60b8682ea853556d9135855ddae5ef7ded8c50a39cc0496fad99e8a4730897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 177 KB
50 KB 310ms
145ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Requested by: Host: boniver.org
URL: https://boniver.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 74ee68c7585e34566b6e7de03b0a1c87924022aad61b2d7e7414fb86ad2eded8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id: b21e5446.f5f8394
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 99,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=12, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022111404050127C9FA2850E6D00316E6
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.215
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a64704f3138c53ae8f69cddfe73d64732cbe2be6ffcf3713f61e8eda38b7a48625468cf1b35f77f525f083f95aa2bdce70b3fd2baacbe015dff12c64249320ebb
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H2 200 a-08c7.min.js Show response
b-code.liadm.com/ 30 KB
11 KB 65ms
18ms Script
application/javascript 2600:9000:223c:5200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-08c7.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bda6734b310147d742ae002dd389c9a9d1a75884bd951056aff9e0ff845386d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 02:07:25 GMT
content-encoding: gzip
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 7056
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Mzvs54a2iaP0K8oYwAbtuM45rrB-PfQe4VTuRzfLF9UVlFMcZER6Nw==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 60ms
15ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:31:55 GMT
Content-Encoding: gzip
Via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 1987
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: KwMEVNMD1q3nO9m015V0JF1tjLhtmHD6Xi4PWxo_-u59_TAuNtuOBQ==

GET
H2 200 sp_2_16_3.js Show response
tracking.aegpresents.com/ 77 KB
78 KB 19ms
19ms Script
application/javascript 2600:9000:225e:d400:11:65f0:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.aegpresents.com/sp_2_16_3.js
Requested by: Host: boniver.org
URL: https://boniver.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:40:31 GMT
x-amz-version-id: S0PSeETRZEGlDS2kDiQQw_ui5Gf9x1Hi
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 19:35:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 12271
etag: "061218953601a45264b449ad25f296c7"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 78920
x-amz-cf-id: gb1j5wzhrxmZy4sHT0pudCcnlZjn-Hlop-m2y1ppFD0VZPnqO8S2zg==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1062540359/ 2 KB
871 B 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1062540359/?random=1668398701169&cv=11&fst=1668398701169&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c0029e853d36a3e5024e91f32f2a732e2cbd54e3b20cbb4af477e0388e6c12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 847
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 92ms
23ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230036-FRA

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1054184352/ 2 KB
950 B 35ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054184352/?random=1668398701181&cv=11&fst=1668398701181&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

446ce12f81408d9a65d13be0c39f2127aac77e25ae34d1645711988be1a7c5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 926
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=un... Show response
6719212.fls.doubleclick.net/ Frame 93AE
Redirect Chain

https://6719212.fls.doubleclick.net/activityi;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=...
https://6719212.fls.doubleclick.net/activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undef...

554 B
307 B

188ms
152ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6719212.fls.doubleclick.net/activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

3dac27370d92d12af0d79ed76395d8ceac7c9978b4a0b1962f00fad322c90a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Mon, 14 Nov 2022 04:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6719212.fls.doubleclick.net/activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854631222/ 2 KB
951 B 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854631222/?random=1668398701215&cv=11&fst=1668398701215&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a42d943b77449a6219255e29f5b976be82fae93b81d7fa8821a1302874eac48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 927
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1062540359/ 2 KB
952 B 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1062540359/?random=1668398701217&cv=11&fst=1668398701217&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6b4a326c2a8f615ce651749e6cec28959b967e33698ab59a11d8109b322aa1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 928
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=un... Show response
9382130.fls.doubleclick.net/ Frame 3E0D
Redirect Chain

https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=...
https://9382130.fls.doubleclick.net/activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undef...

554 B
305 B

121ms
84ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9382130.fls.doubleclick.net/activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

d1ed41a98f1abe2448d0999ee3febac23f2616bf2cbc5ed36deb4b9f45858d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Mon, 14 Nov 2022 04:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9382130.fls.doubleclick.net/activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/760537739/ 2 KB
951 B 58ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760537739/?random=1668398701227&cv=11&fst=1668398701227&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

014cf0c06498d3664263393f95336d7d31cea3ae4ff40e1429842cf5c0a0b535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 927
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=un... Show response
9382130.fls.doubleclick.net/ Frame F6CA
Redirect Chain

https://9382130.fls.doubleclick.net/activityi;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=...
https://9382130.fls.doubleclick.net/activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undef...

531 B
300 B

121ms
92ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9382130.fls.doubleclick.net/activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

66048268ebd643caaeafeed68804def2fc029e13c42c03d04fff9340de5fe1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 277
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Mon, 14 Nov 2022 04:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9382130.fls.doubleclick.net/activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undef... Show response
9382130.fls.doubleclick.net/ Frame C4C2
Redirect Chain

https://9382130.fls.doubleclick.net/activityi;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=und...
https://9382130.fls.doubleclick.net/activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefine...

598 B
310 B

42ms
39ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9382130.fls.doubleclick.net/activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

2cc9422eafb2691947e49ca30ac190508f0328acf749377ed0a7457e0425da45

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Mon, 14 Nov 2022 04:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 04:05:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9382130.fls.doubleclick.net/activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/674378718/ 2 KB
951 B 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674378718/?random=1668398701250&cv=11&fst=1668398701250&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d18df29d32dfc82e6e20caa5816b7a731a998bf5fb6e4e02ecc041eedb6790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 927
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/616115828/ 2 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616115828/?random=1668398701251&cv=11&fst=1668398701251&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=XmJUCOic3dYBEPTc5KUC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&auid=1349383364.1668398701&uaw=0&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9f97f70b7090f01fbda34637e4b5a0c7c252422ab12ea00bfaefcfd663849cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
74 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QKEQR920KZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70046424-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

735163a23bddd87e0fe8ac6f755ae48e7366c5eccdcefa85d1efce69d73fdbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/AEG%20-%20Rogers%20Waters/797983/ 8 KB
2 KB 221ms
177ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/AEG%20-%20Rogers%20Waters/797983/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e1ced2d67a6dd31dee6f0256621834e24ef2445a865994d09b4728debc0250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2002
x-function: 151
last-modified: Fri, 13 Aug 2021 06:35:37 GMT
server: cloudflare
x-reuse-index: 61
etag: 11019413891294720992
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 769cddcb29699ba7-FRA
expires: Mon, 14 Nov 2022 05:05:01 GMT

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3...

43 B
855 B

166ms
165ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383&dcc=t

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 04:05:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H77CVS86BR4NM43DHE10
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 04:05:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6T2N0264YCDKYHFEPJJM
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0eee77b1-c021-2f52-4b55-8c71bbad8383%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.aegworldwide.com/&ex-hargs=v%3D1.0%3Bc%3D581380979449813845%3Bp%3D0EEE77B1-C021-2F52-4B55-8C71BBAD8383&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 1642165242752836 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1642165242752836?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bd18d6637d3290df962380a68f336fa59da15e3b4e04660cc4bfdb3b9fdedac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mS1XsEu/ZXA8LtvMF22m+lQpVeB69W7zAfCXGzpzgjhUfqIHM1yt47jA4tIPAQdxl3CKfSmKhxMeUu9KPWabFA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 58ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=479388125538064&ev=PageView&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701295&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1014675772/ 42 B
64 B 76ms
35ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1014675772/?random=1668398701018&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=JbxOCO2a2qkBELzy6uMD&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&value=1&currency_code=GBP&data=event%3Dconversion&fmt=3&is_vtc=1&random=2728918250&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1014675772/ 42 B
64 B 62ms
29ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014675772/?random=1668398701018&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&label=JbxOCO2a2qkBELzy6uMD&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&value=1&currency_code=GBP&data=event%3Dconversion&fmt=3&is_vtc=1&random=2728918250&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 55ms
23ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2025103792&t=pageview&_s=1&dl=https%3A%2F%2Fboniver.org%2F&ul=en-us&de=UTF-8&dt=Bon%20Iver&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=456602629&gjid=591905545&cid=1184729584.1668398701&tid=UA-70046424-2&_gid=883938241.1668398701&_r=1&gtm=2oub90&z=1454174882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://boniver.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/616115828/ 42 B
64 B 59ms
33ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/616115828/?random=1668398701251&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=XmJUCOic3dYBEPTc5KUC&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&cid=CAQSKQDq26N9nrRpc_EkbXvAF6C79Nvy-v49Yn5NujAmXA1JSMUcx9OksvNiIBM&random=3852546156&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/616115828/ 42 B
64 B 48ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/616115828/?random=1668398701251&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=XmJUCOic3dYBEPTc5KUC&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&cid=CAQSKQDq26N9nrRpc_EkbXvAF6C79Nvy-v49Yn5NujAmXA1JSMUcx9OksvNiIBM&random=3852546156&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1062540359/ 42 B
64 B 60ms
36ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1062540359/?random=1668398701169&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&fmt=3&is_vtc=1&random=1383668124&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1062540359/ 42 B
64 B 47ms
31ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1062540359/?random=1668398701169&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&fmt=3&is_vtc=1&random=1383668124&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1054184352/ 42 B
64 B 50ms
27ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1054184352/?random=1668398701181&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=156691321&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1054184352/ 42 B
64 B 46ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1054184352/?random=1668398701181&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=156691321&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 17ms
15ms Script
application/javascript 2600:9000:223c:5200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-08c7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 09:48:47 GMT
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding: gzip
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
age: 756974
x-amz-cf-id: 3vvIusnf7HPuldCFFqwlV8TQ3BjyM55c6zakqcx4cSppgHQlo18o9g==

GET
H3 200 /
www.google.com/pagead/1p-user-list/1062540359/ 42 B
64 B 36ms
29ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1062540359/?random=1668398701217&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=1773322104&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1062540359/ 42 B
64 B 47ms
41ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1062540359/?random=1668398701217&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=1773322104&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/854631222/ 42 B
64 B 36ms
28ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854631222/?random=1668398701215&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=2300662900&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/854631222/ 42 B
64 B 45ms
37ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854631222/?random=1668398701215&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=2300662900&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/760537739/ 42 B
64 B 43ms
35ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/760537739/?random=1668398701227&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=2378112635&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/760537739/ 42 B
64 B 43ms
36ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/760537739/?random=1668398701227&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=2378112635&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/674378718/ 42 B
64 B 45ms
37ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/674378718/?random=1668398701250&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=52496766&rmt_tld=0&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/674378718/ 42 B
64 B 43ms
37ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/674378718/?random=1668398701250&cv=11&fst=1668398400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fboniver.org%2F&tiba=Bon%20Iver&data=artistName%3DBon%20Iver%3Bgenre%3Dmusic%3BsubGenre%3Dfolk%3BartistMBID%3D437a0e49-c6ae-42f6-a6c1-84f25ed366bc&fmt=3&is_vtc=1&random=52496766&rmt_tld=1&ipr=y

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 165ms
124ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=9f72ce13-6e4d-4f14-ad5d-c3b18f45a8e7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b257eabc-a107-4411-96c0-761ef0f22547&tw_document_href=https%3A%2F%2Fboniver.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nygj9&type=javascript&version=2.3.29

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 14 Nov 2022 04:05:00 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 90878a24ffc7600a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3b27aafa6c16e352aa862c5c200461d69c4bb92c1725b514ed1e65feaf22b292
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 415ms
124ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9f72ce13-6e4d-4f14-ad5d-c3b18f45a8e7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b257eabc-a107-4411-96c0-761ef0f22547&tw_document_href=https%3A%2F%2Fboniver.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nygj9&type=javascript&version=2.3.29

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 14 Nov 2022 04:05:01 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 73a093a4b3b01652
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fc249423d42dd5fd79f9a3bd02dbb674ec871e4f5193b21ba04b342a978ea1bf
content-length: 43

OPTIONS
H2 200 tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/ Frame 0
0 604ms
187ms Preflight 52.36.162.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.162.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-162-60.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://boniver.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://boniver.org
access-control-max-age: 600
content-length: 0
date: Mon, 14 Nov 2022 04:05:01 GMT
server: nginx

POST
H2 200 tp2 Show response
b.aegpresents.com/com.snowplowanalytics.snowplow/ 2 B
318 B 582ms
199ms XHR
text/plain 52.36.162.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/sp_2_16_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.162.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-162-60.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://boniver.org
date: Mon, 14 Nov 2022 04:05:02 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QKEQR920KZ&gtm=2oeb90&_p=2025103792&_gaz=1&cid=1184729584.1668398701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668398701&sct=1&seg=0&dl=https%3A%2F%2Fboniver.org%2F&dt=Bon%20Iver&en=page_view&_fv=1&_ss=1&ep.artist_name=Bon%20Iver&ep.genre=music&ep.sub_genre=folk&ep.artist_mbid=437a0e49-c6ae-42f6-a6c1-84f25ed366bc&ep.content_type=artist%20site
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QKEQR920KZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://boniver.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 241ms
28ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QKEQR920KZ&cid=1184729584.1668398701&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QKEQR920KZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://boniver.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 34ms
34ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QKEQR920KZ&cid=1184729584.1668398701&gtm=2oeb90&aip=1&z=2095277552

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 235ms
27ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-70046424-2&cid=1184729584.1668398701&jid=456602629&gjid=591905545&_gid=883938241.1668398701&_u=YADAAUAAAAAAACAAI~&z=516642637

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://boniver.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefine...
adservice.google.com/ddm/fls/z/ Frame C4C2 42 B
107 B 239ms
56ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F

Requested by

Host: 9382130.fls.doubleclick.net
URL: https://9382130.fls.doubleclick.net/activityi;dc_pre=CP3mwL_lrPsCFZxFHQkdK84IBA;src=9382130;type=norev0;cat=unive0;ord=6189931454631;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u10=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u18=boniver.org;u19=music;u20=folk;~oref=https%3A%2F%2Fboniver.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9382130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1668398701475&aid=a-08c7&se=e30&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&tna=v2.5.1&pu=https%3A%2F%2Fboniver.org%2F&wpn=lc-bundle&c=PHRpdGxlPkJvbiBJdmVyIDwvdGl0bG...
https://rp4.liadm.com/j?dtstmp=1668398701475&aid=a-08c7&se=e30&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&tna=v2.5.1&pu=https%3A%2F%2Fboniver.org%2F&wpn=lc-bundle&c=PHRpdGxlPkJvbiBJdmVyIDwvdGl0b...

13 B
552 B

456ms
110ms

XHR
application/json

54.146.241.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1668398701475&aid=a-08c7&se=e30&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&tna=v2.5.1&pu=https%3A%2F%2Fboniver.org%2F&wpn=lc-bundle&c=PHRpdGxlPkJvbiBJdmVyIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Imh0dHBzOi8vdC5jby82djBHZldPTzhoIj48aDEgY2xhc3M9InNlY3Rpb24tdGl0bGUiPjxhIGhyZWY9Ii9uZXdzIj5OZXdzPC9hPjwvaDE-PGgxIGNsYXNzPSJzZWN0aW9uLXRpdGxlIj48YSBocmVmPSIvdG91ciI-VG91cjwvYT48L2gxPg&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOmVkZDphMGNhOmRhOTM%3D&n3pc=true

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Server

54.146.241.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-241-124.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:02 GMT
x-pixel-event-id: 46eaac66-9394-4628-b278-08532edf9987
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: d758695319459a24
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 14 Nov 2022 04:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1668398701475&aid=a-08c7&se=e30&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&tna=v2.5.1&pu=https%3A%2F%2Fboniver.org%2F&wpn=lc-bundle&c=PHRpdGxlPkJvbiBJdmVyIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Imh0dHBzOi8vdC5jby82djBHZldPTzhoIj48aDEgY2xhc3M9InNlY3Rpb24tdGl0bGUiPjxhIGhyZWY9Ii9uZXdzIj5OZXdzPC9hPjwvaDE-PGgxIGNsYXNzPSJzZWN0aW9uLXRpdGxlIj48YSBocmVmPSIvdG91ciI-VG91cjwvYT48L2gxPg&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOmVkZDphMGNhOmRhOTM%3D&n3pc=true
access-control-allow-origin: https://boniver.org
request-time: 0
access-control-allow-credentials: true
trace-id: 29c41f28301d9a4d
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 1350815971637563 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1350815971637563?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bbb94dc3f0ef31288f6248ace9cef411c68ed006945e46ba4e95a503db5a1c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86143
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: O9Xr5uI14IL5iS11Ip98ea1UQ48gFrjTmlK3+hT9XfUnOVJbbj8DFXKWLgqdk9MksMVWVdfED5xg4QiB2lvJDQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 34ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642165242752836&ev=PageView&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701483&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ 677 B
689 B 201ms
188ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8279861476
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/AEG%20-%20Rogers%20Waters/797983/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9078c0253495c8c8c2d3e4bb6b78db130a47eb3718ed67053e92ecd355894e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 306
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 769cddcc7b299ba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329
expires: Sun, 12 Feb 2023 04:05:01 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 172ms
171ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id: ca669ce.f5f83f6
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 137,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=125, origin; dur=12, inner; dur=2
content-length: 30843
pragma: no-cache
server: nginx
x-tt-logid: 202211140405016D35B8ADB6ABAAFC4E24
x-cache-remote: TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.219
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265ad080b96dc91942390defb0215dd91f8d8dd67e1b639cb6b503f301f56880d1247ed87b4cd87fcf10c60f895844497c0374e97585bf3583867ae399e3578e00b6
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 136ms
135ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d8e8d919.f5f8414
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022111404050101709999F25A93FE2FAC
x-cache-remote: TCP_MISS from a23-220-104-198.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.198
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a8f6a8d971a29746639f5ddd46e18b2bf152b166cf0cf4c7022a3ae51cbf9387fc6e1291092f1736c8ba8703230e42ec625cbc158b0308e7564294389420c4265
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
685 B 143ms
143ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 58930b60.f5f8420
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221114040501F2DB17028D735302B3F2
x-cache-remote: TCP_MISS from a23-220-104-202.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.202
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a4dec3e9d1a244851e2a01e815b99fa192a2277765543c638eef44a9fb7bca3db9a71c7708034605513b1c8f155a05f28a6d12239912c61d82972b6413c382171
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 156ms
156ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2edc1c3c.f5f8421
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 98,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=10, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221114040501BBAA738D6301FF0068EF
x-cache-remote: TCP_MISS from a23-220-104-203.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.220.104.203
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265af14b23ee15baa84985a2b9550b00b9c674097fd193095be18e5e90cd954c99d9e6afff2956e056c382f86747f85935112d09f7e2d0582a60dbe983f6af68c497
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 157ms
157ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 194e6174.f5f8422
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 94,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=6, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022111404050111E3D3261936E3FAEBDF
x-cache-remote: TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.204
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a7979cb37570a9574382c17a96f04e3044a14025e80543672e2d9381e730f76bc01e68ddbc69a02317ca0019e3e6ac867cbc654e3c5fc00819b75ce137308e0bc
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 167ms
166ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2T72MSAJ6IAHR393GU0&hostname=boniver.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0d33307da5baed86e3ec1022f0aa811c9842e7f74ee7bc2560a00e9dfc9cba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id: 40512fb2.f5f8429
date: Mon, 14 Nov 2022 04:05:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20221114040501EE6A461EE926B7FC46CC
x-cache-remote: TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.205
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a943c9d5ac920967e9691b1a9338533798fd8f19f9210c531e5a6f8dc3dff39dc733f7c82414911aa250d5941eb85833453c6e4a3ad1f426c1b89daedcdab71e6
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 172ms
170ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dd10bcac.f5f842a
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022111404050151D929E6B18FDDF97F38
x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.207
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265aeca0cbb1c2cb2575c23b48bec9826dcec1eaf3179fceb1afc3053063bd603c51eedb74cbf8fa1b791665d0675e5175d6115928685eada9978a8046cf854a7ed6
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 190ms
190ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f7cc643.f5f842b
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 108,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=22, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202211140405016725F1191AA69805D986
x-cache-remote: TCP_MISS from a23-220-104-210.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.220.104.210
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a62d2fd9d10ff1a7a10a45c19ed14ea3b577243961735906f42c84b13276b94a0579147e7f6a8d2309e3c3ce3f029cab9facd92590855251f5693e517578043f0
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H2 200 dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undef...
adservice.google.com/ddm/fls/z/ Frame 3E0D 42 B
494 B 65ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F

Requested by

Host: 9382130.fls.doubleclick.net
URL: https://9382130.fls.doubleclick.net/activityi;dc_pre=CL_Nvr_lrPsCFU1HHQkd2B0HcA;src=9382130;type=retarget;cat=retarg0;ord=1024658731187;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9382130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undef...
adservice.google.com/ddm/fls/z/ Frame F6CA 42 B
107 B 57ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F

Requested by

Host: 9382130.fls.doubleclick.net
URL: https://9382130.fls.doubleclick.net/activityi;dc_pre=CO-Rv7_lrPsCFVFEHQkdi9MJmw;src=9382130;type=retarget;cat=retarg0;ord=7307399068435;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;~oref=https%3A%2F%2Fboniver.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9382130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undef...
adservice.google.com/ddm/fls/z/ Frame 93AE 42 B
107 B 54ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=*;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F

Requested by

Host: 6719212.fls.doubleclick.net
URL: https://6719212.fls.doubleclick.net/activityi;dc_pre=COvWvb_lrPsCFS1DHQkdz6AN8Q;src=6719212;type=retarget;cat=retarg0;ord=2636072601999;gtm=2wgb90;auiddc=1349383364.1668398701;u1=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=Bon%20Iver;u9=undefined;u18=boniver.org;u19=music;u20=folk;u21=undefined;u22=undefined;u23=null;~oref=https%3A%2F%2Fboniver.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6719212.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 04:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 217011611820041 Show response
connect.facebook.net/signals/config/ 294 KB
84 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/217011611820041?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60dcf94ba430765bb26974cb5fca9f05276e0a8c6f83cf40bfb78b6969ad8a07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86381
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wIhLvObpHg7KiN82R1Eq3vnXOcjZgFZS3cIixyvbTygYytz61MmxyTLS5S4rTMBmE2GcoOBqyqaDa7TX2rQXtA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 27ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1350815971637563&ev=PageView&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701688&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 27ms
26ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=479388125538064&ev=%3CEVENT_NAME%3E&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701690&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 28ms
27ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642165242752836&ev=%3CEVENT_NAME%3E&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701692&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 29ms
28ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1350815971637563&ev=%3CEVENT_NAME%3E&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701703&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 163ms
162ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cad82dd.f5f845f
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 125,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=22, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202211140405013B533BC3B7F358FF8836
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.104.211
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a11fa32cef1a4a967ae394e4dcaba4a397c79234da07dc8c95d33b58bffc6551e6d9fca5ceab2ae9c93dc9028cd323ac161af22490ee43b8c42717b1cd32ed057
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%222969779413%22%2C%22th%22%3A8279861476%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22armneM3cUXXb3ATAXp5mFb2S7nQ6JLAf%22%2C%22url%22%3A%22htt...
https://a4.tribalfusion.com/ipg?ip6=2001:ac8:20:3d00:1012:edd:a0ca:da93&kv=%7B%22ord%22%3A%207454317%2C%20%22clientID%22%3A%20797983%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion....
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24

43 B
1 KB

16ms
15ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 04:05:02 GMT
AN-X-Request-Uuid: 407730b3-5b5c-464b-a072-8777358f23b7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 04:05:02 GMT
AN-X-Request-Uuid: fef7d2d6-5f16-4e59-872e-29d23645ed23
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 478942729720536 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478942729720536?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b06e77c88c10fe230e19bbf93de2bc3c73f2ed583daf53602b8fb0c16e3d4e7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86267
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IzODxs1AS++lCTN4FtESoeF8F920JD/XpZiQSvO+ioBxTBXHx+2dNH+O9apJ8/XUmliHWXHsfiTjv+fGLJ1crw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 18ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=217011611820041&ev=PageView&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701771&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
17ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=217011611820041&ev=PageView&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701772&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&tm=1&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
18ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=217011611820041&ev=ViewContent&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701773&cd[host]=boniver.org&cd[funnelStep]=artistsite&cd[artistName]=Bon%20Iver&cd[artistMBID]=437a0e49-c6ae-42f6-a6c1-84f25ed366bc&cd[genre]=music&cd[subGenre]=folk&cd[trigger]=gtm&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&tm=1&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 160ms
159ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 67e73d2c.f5f848b
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 121,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=34, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202211140405011743A07AF8B91B040842
x-cache-remote: TCP_MISS from a23-220-104-212.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.220.104.212
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a74ea1418ea4aabfabd81b93f9a0c34c9a174a23eaabb280a2b93b7bd3fe1338fe3131dc973f7cc1cdef78a3bdede92bed3b0c9693d3d70d9b39d9457174cf1f6
expires: Mon, 14 Nov 2022 04:05:01 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
690 B 166ms
165ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: e1323193.f5f848d
date: Mon, 14 Nov 2022 04:05:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
x-parent-response-time: 123,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=24, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202211140405018C08D8D820941005E887
x-cache-remote: TCP_MISS from a23-220-104-213.deploy.akamaitechnologies.com (AkamaiGHost/10.10.1-44825277) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.220.104.213
x-tt-trace-host: 015f984a4358c782127b4218b7cd4142eab8f58b59a7af27f33a39c73ccf0d265a5085e03f7d2b8fe668c41a55e31a79d2dc068d2bb554566bbd82ac4e84b7feafb865a51ee0e08dd4fec2624a37de72f46779bd6745025943c1a9ed004400c9aa
expires: Mon, 14 Nov 2022 04:05:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 15ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478942729720536&ev=PageView&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701815&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&tm=1&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478942729720536&ev=ViewContent&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701816&cd[host]=boniver.org&cd[funnelStep]=artistsite&cd[artistName]=Bon%20Iver&cd[artistMBID]=437a0e49-c6ae-42f6-a6c1-84f25ed366bc&cd[genre]=music&cd[subGenre]=folk&cd[trigger]=gtm&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&tm=1&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
19ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=479388125538064&ev=Microdata&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701817&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20Iver%20%22%2C%22meta%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Bon%20Iver%22%2C%22og%3Atitle%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fboniver.org%22%2C%22og%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fboniver.org%2Fwp-content%2Fthemes%2Fboniver%2Fassets%2Fimages%2Fog-img.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 16ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642165242752836&ev=Microdata&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398701984&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20Iver%20%22%2C%22meta%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Bon%20Iver%22%2C%22og%3Atitle%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fboniver.org%22%2C%22og%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fboniver.org%2Fwp-content%2Fthemes%2Fboniver%2Fassets%2Fimages%2Fog-img.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 18ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1350815971637563&ev=Microdata&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398702194&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20Iver%20%22%2C%22meta%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Bon%20Iver%22%2C%22og%3Atitle%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fboniver.org%22%2C%22og%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fboniver.org%2Fwp-content%2Fthemes%2Fboniver%2Fassets%2Fimages%2Fog-img.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 27ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=217011611820041&ev=Microdata&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398702272&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20Iver%20%22%2C%22meta%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Bon%20Iver%22%2C%22og%3Atitle%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fboniver.org%22%2C%22og%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fboniver.org%2Fwp-content%2Fthemes%2Fboniver%2Fassets%2Fimages%2Fog-img.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=3&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK a-08c7 Show response
i.liadm.com/s/c/ Frame 8500 1 KB
1 KB 499ms
117ms Document
text/html 3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

c22ad519bd4d6b15312f30e661579a5dc5df363bb2fde967461d001017f459d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 635
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 04:05:02 GMT
ETag: 1.61803398874
Request-Time: 7
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H/1.1 200
OK a-08c7 Show response
i.liadm.com/s/c/ Frame B93C 1 KB
1 KB 494ms
115ms Document
text/html 3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

a467a732faba4f91c2fdc920994aaf9edc35a595a88c66e3d2a05ca3c05fc3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 636
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 04:05:02 GMT
ETag: 1.61803398874
Request-Time: 5
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 16ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478942729720536&ev=Microdata&dl=https%3A%2F%2Fboniver.org%2F&rl=&if=false&ts=1668398702316&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bon%20Iver%20%22%2C%22meta%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Bon%20Iver%22%2C%22og%3Atitle%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fboniver.org%22%2C%22og%3Adescription%22%3A%22https%3A%2F%2Ft.co%2F6v0GfWOO8h%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fboniver.org%2Fwp-content%2Fthemes%2Fboniver%2Fassets%2Fimages%2Fog-img.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1668398701294.1527374404&it=1668398700951&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: boniver.org
URL: https://boniver.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boniver.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Nov 2022 04:05:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 tp2 Show response
b.aegpresents.com/com.snowplowanalytics.snowplow/ 2 B
317 B 186ms
186ms XHR
text/plain 52.36.162.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/sp_2_16_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.162.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-162-60.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://boniver.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://boniver.org
date: Mon, 14 Nov 2022 04:05:02 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/ Frame 0
0 183ms
182ms Preflight 52.36.162.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.162.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-162-60.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://boniver.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://boniver.org
access-control-max-age: 600
content-length: 0
date: Mon, 14 Nov 2022 04:05:02 GMT
server: nginx

GET
H/1.1

200
OK

a9beee41c8444f3c8916b077d4add7d5
i.liadm.com/s/e/a-08c7/0/ Frame B93C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa9beee41c8444f3c8916b077d4add7d5%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&ea01e67e-4dc4-4dad-9d25-51a...
https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=7156&muid=088e6371-be6f-4b00-bece-487be72920d5

43 B
274 B

108ms
107ms

Image
image/gif

3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=7156&muid=088e6371-be6f-4b00-bece-487be72920d5

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Server: MT3 4629 97bee97 master nrt-pixel-x3 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=7156&muid=088e6371-be6f-4b00-bece-487be72920d5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Nov 2022 04:05:02 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B93C 70 B
265 B 144ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame B93C
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152
https://x.bidswitch.net/sync?ssp=liveintent&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=151a43ae-dd83-40ce-a795-090d263d7152
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=151a43ae-dd83-40ce-a795-090d263d7152
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2c50b60f-f108-4939-a701-55ffa036c448&user_group=1&ssp=liveintent&bsw_param=151a43ae-dd83-40ce-a795-090d263d7152
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152

43 B
436 B

135ms
110ms

Image
image/gif

3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152

Requested by

Protocol

HTTP/1.1

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152
Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

a9beee41c8444f3c8916b077d4add7d5
i.liadm.com/s/e/a-08c7/0/ Frame B93C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa9beee41c8444f3c8916b077d4add7d5%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa9beee41c8444f3c8916b077d4add7d5%3Fmp...
https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=82775&muid=40517952645631345970329347599536815864

43 B
274 B

135ms
111ms

Image
image/gif

3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=82775&muid=40517952645631345970329347599536815864

Requested by

Protocol

HTTP/1.1

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v045-02ae087c0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Dvkj8ZgHQUg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-08c7/0/a9beee41c8444f3c8916b077d4add7d5?mpid=82775&muid=40517952645631345970329347599536815864
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame B93C
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y

43 B
602 B

253ms
253ms

Image
image/gif

2.18.232.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y

Requested by

Protocol

Server

2.18.232.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 14 Nov 2022 04:05:03 GMT
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 14 Nov 2022 04:05:03 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame B93C 43 B
376 B 101ms
24ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4020-HHN
server: nginx
x-timer: S1668398703.917808,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i6.liadm.com/s/ Frame B93C
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
436 B

388ms
102ms

Image
image/gif

2600:1f18:ed:550e:c0f4:8461:4273:acdc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:c0f4:8461:4273:acdc Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date: Mon, 14 Nov 2022 04:05:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H/1.1

200
OK

a637e6c3ad9a46f3b5083fe4d5418628
i.liadm.com/s/e/a-08c7/0/ Frame 8500
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa637e6c3ad9a46f3b5083fe4d5418628%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&ea01e67e-4dc4-4dad-9d25-51a...
https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=7156&muid=265a6371-be6f-4300-9577-2a2fb37848d2

43 B
274 B

110ms
110ms

Image
image/gif

3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=7156&muid=265a6371-be6f-4300-9577-2a2fb37848d2

Requested by

Protocol

HTTP/1.1

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Server: MT3 4629 97bee97 master nrt-pixel-x14 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=7156&muid=265a6371-be6f-4300-9577-2a2fb37848d2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Nov 2022 04:05:02 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8500 70 B
264 B 136ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

52164
i6.liadm.com/s/ Frame 8500
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=a84739a8-238c-46aa-9e0b-269fed23ec2d
https://x.bidswitch.net/sync?ssp=liveintent&user_id=ea01e67e-4dc4-4dad-9d25-51a083feac77
https://ums.acuityplatform.com/bum?tpid=29&uid=151a43ae-dd83-40ce-a795-090d263d7152&bidswitch_ssp_id=liveintent
https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=liveintent
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152

43 B
436 B

468ms
102ms

Image
image/gif

2600:1f18:ed:550e:c0f4:8461:4273:acdc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:c0f4:8461:4273:acdc Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=151a43ae-dd83-40ce-a795-090d263d7152
Date: Mon, 14 Nov 2022 04:05:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H/1.1

200
OK

a637e6c3ad9a46f3b5083fe4d5418628
i.liadm.com/s/e/a-08c7/0/ Frame 8500
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa637e6c3ad9a46f3b5083fe4d5418628%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=ea01e67e-4dc4-4dad-9d25-51a083feac77&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-08c7%2F0%2Fa637e6c3ad9a46f3b5083fe4d5418628%3Fmp...
https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=82775&muid=74421082995705287412500562063660528886

43 B
274 B

108ms
107ms

Image
image/gif

3.210.106.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=82775&muid=74421082995705287412500562063660528886

Requested by

Protocol

HTTP/1.1

Server

3.210.106.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-106-149.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 26 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: to5n+0B4Q/c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-08c7/0/a637e6c3ad9a46f3b5083fe4d5418628?mpid=82775&muid=74421082995705287412500562063660528886
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 8500
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y

43 B
605 B

175ms
174ms

Image
image/gif

2.18.232.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y

Requested by

Protocol

Server

2.18.232.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 14 Nov 2022 04:05:03 GMT
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ea01e67e-4dc4-4dad-9d25-51a083feac77&rd=Y
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 14 Nov 2022 04:05:03 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 8500 43 B
112 B 108ms
33ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=6315f61b569b--01ght4zps2zn7x92jjg069n1m9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms: 16
pragma: no-cache
date: Mon, 14 Nov 2022 04:05:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4020-HHN
server: nginx
x-timer: S1668398703.917940,VS0,VE16
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i6.liadm.com/s/ Frame 8500
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
436 B

365ms
105ms

Image
image/gif

2600:1f18:ed:550e:c0f4:8461:4273:acdc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:c0f4:8461:4273:acdc Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 04:05:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date: Mon, 14 Nov 2022 04:05:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame FFC0 0
181 B 45ms
38ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Fboniver.org%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=Bon%20Iver&td6=undefined&td7=boniver.org&td8=music&td9=folk
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 14 Nov 2022 04:05:03 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 02FE 0
181 B 43ms
38ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Fboniver.org%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=Bon%20Iver&td6=undefined&td7=boniver.org&td8=music&td9=folk
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boniver.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 14 Nov 2022 04:05:03 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hes32-ctp.trendmicro.com
URL: https://hes32-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fwww.googletagmanager.com%2fgtag%2fjs%3fid%3dAW%2d1014675772%22%3e%3c%2fscript%3e&umid=1a12fb25-cd9a-4afe-9fa3-0f15983c0b30&auth=b9aa05b4ce1a6a17a2c0c7e98e5954c76104f8ce-6be54d85a0c672aba4ad628751bce96f94f0f25c%3Cscript%3E%20%20window.dataLayer%20=%20window.dataLayer%20||%20[];%20%20function%20gtag(){dataLayer.push(arguments);}%20%20gtag(%27js%27,%20new%20Date());%20%20gtag(%27config%27,%20%27AW-1014675772%27);%3C/script%3E%3C!--%20Event%20snippet%20for%20Bon%20Iver%20remarketing%20page%20--%3E%3Cscript%3E%20%20gtag(%27event%27,%20%27conversion%27,%20{%20%20%20%20%20%20%27send_to%27:%20%27AW-1014675772/JbxOCO2a2qkBELzy6uMD%27,%20%20%20%20%20%20%27value%27:%201.0,%20%20%20%20%20%20%27currency%27:%20%27GBP%27,%20%20%20%20%20%20%27aw_remarketing_only%27:%20true%20%20});%3C/script%3E%20%20%20%3C!--%20Global%20site%20tag%20(gtag.js)%20-%20Google%20Ads:%201014675772%20--%3E%3Cscript%20async%20src=

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 08:09:50	Name: _li_ss Value: MgYIgQEQ3BMyBQgMENwTMgkI_____wcQ3BM
.boniver.org/	1970-01-20 09:36:14	Name: _gcl_au Value: 1.1.1349383364.1668398701
.boniver.org/	1970-01-20 17:02:38	Name: _ga_CK5BY8H3B3 Value: GS1.1.1668398700.1.0.1668398700.0.0.0
.doubleclick.net/	1970-01-20 16:48:14	Name: IDE Value: AHWqTUn9LyCn5iz-hbQOi102Wu2_cyMdt39Vs6WRsWkUOqhHAfR9abHZHTp6UKdN
.boniver.org/	1970-01-20 09:36:14	Name: _fbp Value: fb.1.1668398701294.1527374404
.boniver.org/	1970-01-20 07:28:05	Name: _gid Value: GA1.2.883938241.1668398701
.boniver.org/	1970-01-20 07:26:38	Name: _gat_gtag_UA_70046424_2 Value: 1
.boniver.org/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .boniver.org
.boniver.org/	1970-01-20 17:02:38	Name: _lc2_fpi Value: 6315f61b569b--01ght4zps2zn7x92jjg069n1m9
.boniver.org/	1970-01-20 07:26:40	Name: _sp_ses.8c17 Value: *
.boniver.org/	1970-01-20 17:02:38	Name: _sp_id.8c17 Value: 0c445749-7857-4dce-83d9-bf938aa74d5c.1668398701.1.1668398701.1668398701.b626253d-590c-4c34-84cf-7861f5f02a7c
.boniver.org/	1970-01-20 17:02:38	Name: _ga_QKEQR920KZ Value: GS1.1.1668398701.1.0.1668398701.60.0.0
.boniver.org/	1970-01-20 17:02:38	Name: _ga Value: GA1.1.1184729584.1668398701
.t.co/	1970-01-20 17:02:38	Name: muc_ads Value: 70b36bee-3851-4265-bbb7-280929764403
.tiktok.com/	1970-01-20 16:48:14	Name: _ttp Value: 2HWR9RWfpw7SEejfhkc1r1G8bhY
.boniver.org/	1970-01-20 16:48:14	Name: _tt_enable_cookie Value: 1
.boniver.org/	1970-01-20 16:48:14	Name: _ttp Value: e18fa354-703e-42ce-a58f-ab150f10083d
.twitter.com/	1970-01-20 17:02:38	Name: personalization_id Value: "v1_YKeuFKVLA4T+EzVICioMjQ=="
.liadm.com/	1970-01-20 17:02:38	Name: lidid Value: ea01e67e-4dc4-4dad-9d25-51a083feac77
.tribalfusion.com/	1970-01-20 09:36:14	Name: ANON_ID Value: aKnrmexNeTnBeZdwQMhEwPZcEg34xs8mgaI5uUnWVqT6ORdqQUykopjMydnwIFr7oZboDxX
.amazon-adsystem.com/	1970-01-20 12:56:24	Name: ad-id Value: AyuPtNFEEE2qqiqHDNduhFo
.amazon-adsystem.com/	1970-01-20 17:02:38	Name: ad-privacy Value: 0
boniver.org/	1970-01-20 07:26:38	Name: _liChk Value: 0.23813753998257292
.adnxs.com/	1970-01-20 09:36:14	Name: uuid2 Value: 4941696694641440856
.adnxs.com/	1970-01-20 09:36:14	Name: anj Value: dTM7k!M4/YE:2jUF']wIg2E?dFGG!g!@wnfH)iRzPifus=3fkE2Rz$H5*:B402V4zA`m=+X7B7a/X%W#.wL4W1Qw1rR^=N:
b.aegpresents.com/	1970-01-20 16:12:14	Name: _cf Value: df2b688b-79ca-4279-a39f-f0d808073cc2
.bidswitch.net/	1970-01-20 16:12:14	Name: c Value: 1668398702
.bidswitch.net/	1970-01-20 16:12:14	Name: tuuid_lu Value: 1668398702
.bidswitch.net/	1970-01-20 16:12:14	Name: tuuid Value: 151a43ae-dd83-40ce-a795-090d263d7152
.acuityplatform.com/	1970-01-20 16:12:14	Name: aum Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjn6jXVzZXJNYXRjaGluZ0lkJLqRbGFzdERyb3BUaW1lTWlsbGlzJQFCHQl+EqyYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBQh0JfhKsj3RoaXJkUGFydHlVc2VySWRjMTUxYTQzYWUtZGQ4My00MGNlLWE3OTUtMDkwZDI2M2Q3MTUy+/uGdmVyc2lvbsL7
.addthis.com/	1970-01-20 16:56:53	Name: na_tc Value: Y
pool.admedo.com/	1970-01-20 16:12:14	Name: tuuid Value: 2c50b60f-f108-4939-a701-55ffa036c448
pool.admedo.com/	1970-01-20 16:12:14	Name: c Value: 1668398703
pool.admedo.com/	1970-01-20 16:12:14	Name: tuuid_lu Value: 1668398703
.dlx.addthis.com/	1970-01-20 08:09:50	Name: na_sc_x Value: 1
.addthis.com/	1970-01-20 16:56:53	Name: na_id Value: 2022111404050300012227728765
.addthis.com/	1970-01-20 16:56:53	Name: uid Value: 6371be6feee67de7
.addthis.com/	1970-01-20 16:56:53	Name: ouid Value: 6371be6f0001f3633691204e7281ba350db09c8257c40278188c
.dpm.demdex.net/	1970-01-20 11:45:50	Name: dpm Value: 74421082995705287412500562063660528886
.demdex.net/	1970-01-20 11:45:50	Name: demdex Value: 74421082995705287412500562063660528886
.mathtag.com/	1970-01-20 16:52:33	Name: uuid Value: 265a6371-be6f-4300-9577-2a2fb37848d2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://boniver.org/undefined Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6719212.fls.doubleclick.net
9382130.fls.doubleclick.net
a.tribalfusion.com
a4.tribalfusion.com
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
b-code.liadm.com
b.aegpresents.com
b1sync.zemanta.com
boniver.org
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hes32-ctp.trendmicro.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
pool.admedo.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s.tribalfusion.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.mathtag.com
t.co
tracking.aegpresents.com
trc.taboola.com
ums.acuityplatform.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
hes32-ctp.trendmicro.com
103.229.205.242
104.18.12.14
104.244.42.197
104.244.42.67
108.138.15.119
142.250.185.166
146.75.116.157
151.101.66.159
154.59.122.79
2.16.186.242
2.18.232.236
2001:4860:4802:34::36
2600:1f18:730:b130:806:7e95:75ec:c485
2600:1f18:ed:550e:c0f4:8461:4273:acdc
2600:9000:223c:5200:8:8845:1500:93a1
2600:9000:225e:d400:11:65f0:c080:93a1
2606:4700::6812:18ad
2a00:1450:4001:800::2008
2a00:1450:4001:802::2004
2a00:1450:4001:806::200e
2a00:1450:4001:812::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c08::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::300
3.126.211.249
3.210.106.149
35.210.53.219
37.252.171.53
52.223.40.198
52.36.162.60
52.46.151.131
54.146.241.124
54.229.28.236
64.202.112.159
013d4602ea9582548d72a288920d6c1e778cbdec1b7658576a50c5440d64b0d8
014cf0c06498d3664263393f95336d7d31cea3ae4ff40e1429842cf5c0a0b535
05810a098f3047b0fba1308d6f002a23065a31c7d3568afa8610b1c31bc223c9
0a42d943b77449a6219255e29f5b976be82fae93b81d7fa8821a1302874eac48
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
1a9a0bff924dab382273ddbff898e3f15906b4852daab7d0f805822037dfe4e4
1bd18d6637d3290df962380a68f336fa59da15e3b4e04660cc4bfdb3b9fdedac
26406fb3c2ab048933e0e626eef3485e51fcb5775265cc9c6a98e77650355bb7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cc9422eafb2691947e49ca30ac190508f0328acf749377ed0a7457e0425da45
30d18df29d32dfc82e6e20caa5816b7a731a998bf5fb6e4e02ecc041eedb6790
337e24fe8cc111c949a7ff16d47d68a3f23546a9a28341c5468e311ed1fb6629
3dac27370d92d12af0d79ed76395d8ceac7c9978b4a0b1962f00fad322c90a14
446ce12f81408d9a65d13be0c39f2127aac77e25ae34d1645711988be1a7c5e7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbb94dc3f0ef31288f6248ace9cef411c68ed006945e46ba4e95a503db5a1c6
4c90bb5f8ac9e44aee4fbf60c43b1fddea4529bd7e2189cdbb696140d29310ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c0029e853d36a3e5024e91f32f2a732e2cbd54e3b20cbb4af477e0388e6c12c
5c4836a0b6d85c8abaebd16c604345408775059072208928b520cd8eb60a4a35
60dcf94ba430765bb26974cb5fca9f05276e0a8c6f83cf40bfb78b6969ad8a07
63e1ced2d67a6dd31dee6f0256621834e24ef2445a865994d09b4728debc0250
66048268ebd643caaeafeed68804def2fc029e13c42c03d04fff9340de5fe1d2
6a2b1d11495f65f8c6d44c2684ffb955e36ad134962f6cf1ab14eccefbdde8b3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
735163a23bddd87e0fe8ac6f755ae48e7366c5eccdcefa85d1efce69d73fdbc2
74ee68c7585e34566b6e7de03b0a1c87924022aad61b2d7e7414fb86ad2eded8
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3
8b06e77c88c10fe230e19bbf93de2bc3c73f2ed583daf53602b8fb0c16e3d4e7
8cd087862e2a3ef1f518e1b259232080e0350c8586eb387599201d1594dbc643
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9078c0253495c8c8c2d3e4bb6b78db130a47eb3718ed67053e92ecd355894e74
9080e229a1a92ca50920aa6e76c37e36d721e079aea8090aa87822d5916b23c5
95865b042a90f7d70bf5a7b1335a715287493a25f34a9913a44c9b739dda61e5
a467a732faba4f91c2fdc920994aaf9edc35a595a88c66e3d2a05ca3c05fc3a5
a7fb8666a265082a69632025a9298282851c4f0d96aa73667869cf1f65eae0e6
a9f97f70b7090f01fbda34637e4b5a0c7c252422ab12ea00bfaefcfd663849cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad60b8682ea853556d9135855ddae5ef7ded8c50a39cc0496fad99e8a4730897
b3024fbbae4e422bcf07b5ed42e48dd2f0e41023b9390de5c4ce130fe9d2f8cc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bda6734b310147d742ae002dd389c9a9d1a75884bd951056aff9e0ff845386d9
bf36b56d4fdf91496111a42f0aa3abcae1702a188a80f56365b0b7b589559b99
bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3
c01c8830e13c986ac8bc22f773bef782e81fefa54a427b2874d6cf824509b1f1
c0d33307da5baed86e3ec1022f0aa811c9842e7f74ee7bc2560a00e9dfc9cba5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22ad519bd4d6b15312f30e661579a5dc5df363bb2fde967461d001017f459d5
c288a4166ec88115eb20083aec86caf9e815d5840c3d32b502d60ce368770753
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1ed41a98f1abe2448d0999ee3febac23f2616bf2cbc5ed36deb4b9f45858d9d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb945157f5dd2a5919fa8f7a006dcd547acb9bee5ed5d31a3cb72357b1c0ec0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f6b4a326c2a8f615ce651749e6cec28959b967e33698ab59a11d8109b322aa1a
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

boniver.org Open in urlscan Pro 151.101.66.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

89 %HTTPS

43 %IPv6

27 Domains

42 Subdomains

30 IPs

6 Countries

2045 kBTransfer

5171 kBSize

41 Cookies

10 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

boniver.org Open in urlscan Pro
151.101.66.159 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

89 %
HTTPS

43 %
IPv6

27
Domains

42
Subdomains

30
IPs

6
Countries

2045 kB
Transfer

5171 kB
Size

41
Cookies

132 HTTP transactions
0 data transactions