www.sootoday.com Open in urlscan Pro
20.49.104.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Submission Tags: falconsandbox
Submission: On March 28 via api (March 28th 2023, 12:49:44 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 70 HTTP transactions. The main IP is 20.49.104.7, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.sootoday.com. The Cisco Umbrella rank of the primary domain is 669728.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on December 10th 2022. Valid for: 6 months.

This is the only time www.sootoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	20.49.104.7 20.49.104.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	18.66.112.105 18.66.112.105	16509 (AMAZON-02) (AMAZON-02)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1	18.66.97.113 18.66.97.113	16509 (AMAZON-02) (AMAZON-02)
5	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.99.107 13.32.99.107	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
70	23

9 20.49.104.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.sootoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.112.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-105.fra56.r.cloudfront.net

www.vmcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-113.fra56.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

rewards-panel.goloot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-goloot-production.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-107.fra60.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1121375.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	50 KB
9	sootoday.com www.sootoday.com — Cisco Umbrella Rank: 669728	180 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 70	173 KB
7	cloudfunctions.net us-central1-goloot-production.cloudfunctions.net	2 KB
7	vmcdn.ca www.vmcdn.ca — Cisco Umbrella Rank: 126888	10 KB
5	goloot.io rewards-panel.goloot.io	161 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6058 adservice.google.de — Cisco Umbrella Rank: 8820	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 151	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 17495	2 KB
1	sentry.io o1121375.ingest.sentry.io	322 B
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 14874
1	gstatic.com fonts.gstatic.com	17 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	49 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 15208	71 KB
70	17

	Domain	Requested by
9	www.sootoday.com	www.sootoday.com
7	us-central1-goloot-production.cloudfunctions.net	rewards-panel.goloot.io
7	pagead2.googlesyndication.com	www.sootoday.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.vmcdn.ca	www.sootoday.com
6	securepubads.g.doubleclick.net	www.sootoday.com securepubads.g.doubleclick.net c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com www.googletagservices.com
5	rewards-panel.goloot.io	www.sootoday.com rewards-panel.goloot.io
4	tpc.googlesyndication.com	c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google.com	www.sootoday.com tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.sootoday.com
3	www.google-analytics.com	www.sootoday.com
2	c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.de	www.sootoday.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	l.getsitecontrol.com	www.sootoday.com l.getsitecontrol.com
1	o1121375.ingest.sentry.io	rewards-panel.goloot.io
1	p.flipp.com	cdn-gateflipp.flippback.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
1	fonts.googleapis.com	c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn-gateflipp.flippback.com	www.sootoday.com
70	22

This site contains links to these domains. Also see Links.

Domain
www.miosfurniture.com
www.facebook.com
twitter.com
www.instagram.com
docs.google.com
www.villagemedia.ca
www.barrietoday.com
www.baytoday.ca
www.bradfordtoday.ca
www.burlingtontoday.com
www.cambridgetoday.ca
www.canadaflyers.ca
www.collingwoodtoday.ca
www.elliotlaketoday.com
www.elorafergustoday.com
www.guelphtoday.com
www.haltonhillstoday.ca
www.innisfiltoday.ca
www.midlandtoday.ca
www.newmarkettoday.ca
www.notllocal.com
www.northernontariobusiness.com
www.ontarioflyers.ca
www.orilliamatters.com
www.pelhamtoday.ca
www.stratfordtoday.ca
www.sudbury.com
www.thoroldtoday.ca
www.timminstoday.com
www.thetrillium.ca
www.village-life.ca
www.villagereport.ca
www.alimoshotoday.com
www.broomfieldleader.com
www.lasutoday.com
www.longmontleader.com
www.sooleader.com

Subject Issuer	Validity	Valid
www.sootoday.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-12-10` - `2023-06-10`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.vmcdn.ca Amazon RSA 2048 M02	`2023-03-01` - `2023-10-04`	7 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.flippback.com Amazon RSA 2048 M02	`2023-02-27` - `2023-07-29`	5 months	crt.sh
rewards-panel.goloot.io GTS CA 1D4	`2023-03-09` - `2023-06-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
flipp.com Amazon RSA 2048 M01	`2023-02-21` - `2023-09-28`	7 months	crt.sh
*.ingest.sentry.io R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Frame ID: FE417F14BAE6E44E9AE593AC0E0FD476
Requests: 44 HTTP requests in this frame

Frame: https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday
Frame ID: DE57AEF401B2E662FDED1955DC55D640
Requests: 10 HTTP requests in this frame

Frame: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72B0D4106DC3C952604FF6D042B0BA73
Requests: 1 HTTP requests in this frame

Frame: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 619C97CF376143AF725C8F5AC9A9AD9C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A8EFD59DE745CBE45C9741BCD5B95E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8609BAE4A7AF0E27636A427296BF2FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not Found - Sault Ste. Marie News

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

70
Requests

97 %
HTTPS

68 %
IPv6

17
Domains

22
Subdomains

23
IPs

4
Countries

743 kB
Transfer

2032 kB
Size

12
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://www.miosfurniture.com/
Title: Mio's Furniture

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Sootoday

Search URL Search Domain Scan URL

URL: https://twitter.com/SooToday

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sootoday/

Search URL Search Domain Scan URL

URL: https://docs.google.com/document/d/1dOgoLS-jn6McFIAW-bnvR4tLixYBez9qGv0vwoAcjsw/edit?usp=sharing
Title: Political Ads Registry

Search URL Search Domain Scan URL

URL: https://www.villagemedia.ca/

Search URL Search Domain Scan URL

URL: https://www.barrietoday.com/
Title: BarrieToday.com

Search URL Search Domain Scan URL

URL: https://www.baytoday.ca/
Title: BayToday.ca

Search URL Search Domain Scan URL

URL: https://www.bradfordtoday.ca/
Title: BradfordToday.ca

Search URL Search Domain Scan URL

URL: https://www.burlingtontoday.com/
Title: BurlingtonToday.com

Search URL Search Domain Scan URL

URL: https://www.cambridgetoday.ca/
Title: CambridgeToday.ca

Search URL Search Domain Scan URL

URL: https://www.canadaflyers.ca/
Title: CanadaFlyers.ca

Search URL Search Domain Scan URL

URL: https://www.collingwoodtoday.ca/
Title: CollingwoodToday.ca

Search URL Search Domain Scan URL

URL: https://www.elliotlaketoday.com/
Title: ElliotLakeToday.com

Search URL Search Domain Scan URL

URL: https://www.elorafergustoday.com/
Title: EloraFergusToday.com

Search URL Search Domain Scan URL

URL: https://www.guelphtoday.com/
Title: GuelphToday.com

Search URL Search Domain Scan URL

URL: https://www.haltonhillstoday.ca/
Title: HaltonHillsToday.ca

Search URL Search Domain Scan URL

URL: https://www.innisfiltoday.ca/
Title: InnisfilToday.ca

Search URL Search Domain Scan URL

URL: https://www.midlandtoday.ca/
Title: MidlandToday.ca

Search URL Search Domain Scan URL

URL: https://www.newmarkettoday.ca/
Title: NewmarketToday.ca

Search URL Search Domain Scan URL

URL: https://www.notllocal.com/
Title: Niagara-on-the-Lake Local

Search URL Search Domain Scan URL

URL: https://www.northernontariobusiness.com/
Title: Northern Ontario Business

Search URL Search Domain Scan URL

URL: https://www.ontarioflyers.ca/
Title: OntarioFlyers.ca

Search URL Search Domain Scan URL

URL: https://www.orilliamatters.com/
Title: OrilliaMatters.com

Search URL Search Domain Scan URL

URL: https://www.pelhamtoday.ca/
Title: PelhamToday.ca

Search URL Search Domain Scan URL

URL: https://www.stratfordtoday.ca/
Title: StratfordToday.ca

Search URL Search Domain Scan URL

URL: https://www.sudbury.com/
Title: Sudbury.com

Search URL Search Domain Scan URL

URL: https://www.thoroldtoday.ca/
Title: ThoroldToday.ca

Search URL Search Domain Scan URL

URL: https://www.timminstoday.com/
Title: TimminsToday.com

Search URL Search Domain Scan URL

URL: https://www.thetrillium.ca/
Title: The Trillium

Search URL Search Domain Scan URL

URL: https://www.village-life.ca/
Title: Village Life

Search URL Search Domain Scan URL

URL: https://www.villagereport.ca/
Title: Village Report

Search URL Search Domain Scan URL

URL: https://www.alimoshotoday.com/
Title: AlimoshoToday.com

Search URL Search Domain Scan URL

URL: https://www.broomfieldleader.com/
Title: BroomfieldLeader

Search URL Search Domain Scan URL

URL: https://www.lasutoday.com/
Title: LasuToday.com

Search URL Search Domain Scan URL

URL: https://www.longmontleader.com/
Title: LongmontLeader

Search URL Search Domain Scan URL

URL: https://www.sooleader.com/
Title: SooLeader

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://sb.scorecardresearch.com/cs/21059523/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request 1654364 Show response
www.sootoday.com/classifieds/announcements/birth-notices/ 43 KB
44 KB 547ms
128ms Document
text/html 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b9a6c2e6fba4482497deb6720c01f6562ddd4d4807a6b38c8fafe739cf402e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 44438
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 00:49:38 GMT
strict-transport-security: max-age=63072000;

GET
H2 200 template
www.sootoday.com/cssb/ 90 KB
26 KB 116ms
115ms Stylesheet
text/css 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

177b0027729899fb2d8d788f4159bd055f79ffd5b53a340b6e586013e8864740

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:38 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Tue, 28 Mar 2023 00:49:39 GMT
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 26427
expires: Wed, 27 Mar 2024 00:49:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 00:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 02:05:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 114ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d2acacecdbed586794652660faf9f06b5dcea0dba6341d0321d826e8e59b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27401
x-xss-protection: 0
server: sffe
etag: "1524 / 933 of 1000 / last-modified: 1679954902"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Mar 2023 00:49:39 GMT

GET
H2 200 sootoday_white.svg
www.vmcdn.ca/files/sootoday/layout/ 5 KB
2 KB 296ms
30ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/sootoday/layout/sootoday_white.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:07:37 GMT
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 1550522
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=sootoday_white.svg
x-amz-cf-id: f0vwhgzdI5_VLkg2i4W90kSr-q8qobPT05g4BO3qEPeXiJw3SKGoiw==
expires: Sun, 09 Apr 2023 02:07:37 GMT

GET
H2 200 blank.gif
www.sootoday.com/images/ 42 B
164 B 113ms
111ms Image
image/gif 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sootoday.com/images/blank.gif

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:38 GMT
strict-transport-security: max-age=63072000;
last-modified: Wed, 15 Mar 2023 18:48:30 GMT
etag: "e54ab4bc6e57d91:0"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42

GET
H2 200 widgets Show response
www.sootoday.com/jsb/ 12 KB
5 KB 112ms
112ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/widgets?v=Pv4AzckcEfT-Bo26-d_EjRCBAUeBKKZnjGkY3LSvtAU1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e1c3aa23ef96641d075d3937e80d2635e1cee85ba99d230238c65ed1a8886cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:38 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Tue, 28 Mar 2023 00:49:39 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 4702
expires: Wed, 27 Mar 2024 00:49:39 GMT

GET
H2 200 template Show response
www.sootoday.com/jsb/ 155 KB
67 KB 118ms
115ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/template?v=ig_cx8NgpfamsM2tw3L6WkycA6aqHS_3LymM6aLdXds1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

536a79998ece303a986338ed56d14747c10f874f2c9839a059bacd5ec0bdee46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:38 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Tue, 28 Mar 2023 00:49:39 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 68220
expires: Wed, 27 Mar 2024 00:49:39 GMT

GET
H2 200 g4d3m137.js Show response
l.getsitecontrol.com/ 433 B
1 KB 150ms
39ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/g4d3m137.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 36ab0d4d9fe092d42d756dbc0afe941434f0561609a43ef22c0b3ed7fa060007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: br
cdn-edgestorageid: 1047
x-amz-request-id: NE6DRT6YR7J8XZS2
x-amz-server-side-encryption: AES256
cdn-cachedat: 03/01/2023 13:03:55
cdn-pullzone: 89704
x-amz-id-2: JIsPYJR3JoesJem6dkxsHvWSdpJyFo3wqneT4WmvX1U14DCTjH+VsP8K+2C+abBTVSEWo09/PS37qLitU0f6Pw==
last-modified: Tue, 28 Feb 2023 20:33:55 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"1186d18095234996e9b1c041a61123a6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: d08eb49ad951397e68110c0e40743e90
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 71 KB
71 KB 380ms
304ms Script
application/javascript 18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 1fa8277373598ddb32619a561943ccc5c52d13268601982d8c54f9f150eda5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 2
x-amz-cf-id: L957qfi6k4YF8vt906IffwYasnovJ5-cZQYjbszNxf0ftv63EQz75w==

GET
H2 200 gl-sdk.js Show response
rewards-panel.goloot.io/ 14 KB
5 KB 103ms
26ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards-panel.goloot.io/gl-sdk.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c57573ce4b4e034901b93fc96f3917a2172040784b213ad625aabc206771164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220067-HHN
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 28 Mar 2023 00:49:39 GMT
last-modified: Thu, 23 Mar 2023 19:32:15 GMT
x-timer: S1679964579.344455,VS0,VE1
etag: "0c7dab97f6efdd8b5dcf99d84fd58013d84a8b13b536f6bf55da1cccfd39ada7-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4659
x-cache-hits: 1

GET
H2 200 user-o-w.svg
www.vmcdn.ca/files/ui/icons/ 712 B
1 KB 285ms
29ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/user-o-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 23:24:44 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 696295
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=user-o-w.svg
content-length: 712
x-amz-cf-id: SSJDT1m9YQBKmfHlDz7jgsu6qDNddF87HDWxx11cJ2RRp5EAoUPm7A==
expires: Tue, 18 Apr 2023 23:24:44 GMT

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 search.svg
www.vmcdn.ca/files/ui/icons/ 442 B
793 B 286ms
31ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/search.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:58:56 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 1723842
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=search.svg
content-length: 442
x-amz-cf-id: ImHwjVw9G1a9VJ-v9Ros-7OWnKseLI0THanIKJp9pP1L1uvfP-ESfQ==
expires: Fri, 07 Apr 2023 01:58:57 GMT

GET
H2 200 facebook-w.svg
www.vmcdn.ca/files/ui/icons/ 253 B
608 B 286ms
32ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/facebook-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:33:27 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 947772
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=facebook-w.svg
content-length: 253
x-amz-cf-id: tXr4QWkA2mrOPEKfiW3SKhjEeqK3ESAF05YPCHrJVfYywRNp2O1U3g==
expires: Sun, 16 Apr 2023 01:33:27 GMT

GET
H2 200 twitter-w.svg
www.vmcdn.ca/files/ui/icons/ 506 B
860 B 286ms
32ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/twitter-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:18:06 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 1121493
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=twitter-w.svg
content-length: 506
x-amz-cf-id: XGMugGdnKLuw9N68Om2gKwvhyhThsiqdNUUM_IKWJzK4TgeWygRhkg==
expires: Fri, 14 Apr 2023 01:18:06 GMT

GET
H2 200 instagram-w.svg
www.vmcdn.ca/files/ui/icons/ 1015 B
874 B 285ms
31ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/instagram-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: bd1fd9ec6f84a26e819821cb2a75d0e6938f9964fede2d57750976f09ec68432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 02:00:23 GMT
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 859755
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=instagram-w.svg
x-amz-cf-id: wEEW1Odj943sx8_rPsVGeNx2vpWhc26lsxZKN6TE4LJiwPV2aHmU9g==
expires: Mon, 17 Apr 2023 02:00:24 GMT

GET
H2 200 opensans-regular.woff2
www.sootoday.com/css/fonts/ 19 KB
19 KB 113ms
113ms Font
application/font-woff2 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/css/fonts/opensans-regular.woff2

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Origin: https://www.sootoday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:38 GMT
strict-transport-security: max-age=63072000;
last-modified: Wed, 15 Mar 2023 18:48:30 GMT
etag: "409eabbc6e57d91:0"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19020

GET
H2 200 opensans-bold.woff2
www.sootoday.com/css/fonts/ 19 KB
19 KB 205ms
204ms Font
application/font-woff2 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/css/fonts/opensans-bold.woff2

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.sootoday.com/cssb/template?v=jMkftblghQtKcPT7UnAVA8jw1maM9teapS8pHBi315A1
Origin: https://www.sootoday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:38 GMT
strict-transport-security: max-age=63072000;
last-modified: Wed, 15 Mar 2023 18:48:30 GMT
etag: "9c66aabc6e57d91:0"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19724

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 97ms
32ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37383801-16&cid=286273264.1679964579&jid=463136680&gjid=1878892697&_gid=2058672145.1679964579&_u=IGDAgEABAAAAAEgAI~&z=1775161402

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 96ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37383801-4&cid=286273264.1679964579&jid=1955203579&gjid=1635602922&_gid=2058672145.1679964579&_u=IGDAgEABAAAAAEgAI~&z=459377437

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 26ms
24ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=953330598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sootoday.com%2F404%3Furl%3D%2Fclassifieds%2Fannouncements%2Fbirth-notices%2F1654364&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Sault%20Ste.%20Marie%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAAAgAI~&jid=463136680&gjid=1878892697&cid=286273264.1679964579&tid=UA-37383801-16&_gid=2058672145.1679964579&cd1=5&z=737928640

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24268
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 26ms
25ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=953330598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sootoday.com%2F404%3Furl%3D%2Fclassifieds%2Fannouncements%2Fbirth-notices%2F1654364&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Sault%20Ste.%20Marie%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAAEgAI~&jid=1955203579&gjid=1635602922&cid=286273264.1679964579&tid=UA-37383801-4&_gid=2058672145.1679964579&cd1=5&z=173452613

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24268
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023032301.js Show response
securepubads.g.doubleclick.net/gpt/ 400 KB
135 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe829dce759901b47a0db1a0f63bea041f8f950d4dc9c59e39a60e07cbc99b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 21:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137913
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 08:35:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Mar 2024 21:52:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 319 B
203 B 87ms
36ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8171ea8dfb3d5813d7f23e93de0d2b4b7586b1760dbb7261a36897f7f8358ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178
x-xss-protection: 0
expires: Tue, 28 Mar 2023 00:49:39 GMT

POST
H2 200 me Show response
www.sootoday.com/account/ 369 B
708 B 126ms
126ms XHR
application/json 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/account/me

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/widgets?v=Pv4AzckcEfT-Bo26-d_EjRCBAUeBKKZnjGkY3LSvtAU1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

37aed26341630ce7c80f742f5a2ace1e635c5be810bf17359996ec66faea461f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
content-length: 405

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/21059523/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

27ms
27ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:32:25 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 10:02:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1035
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: U5tLtD_hNT2nB_FKwYCOeDvBQMhHxELLW40cAjsewaBAWTCgIMxwFg==

Redirect headers

date: Tue, 28 Mar 2023 00:49:39 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: PwnybzUSuw5Ff3XRTQ1fAF3wAjKywtATu1x4O06I1BgHIS9iYeGo-Q==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 94ms
38ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37383801-16&cid=286273264.1679964579&jid=463136680&_u=IGDAgEABAAAAAEgAI~&z=1622979020

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 100ms
39ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37383801-16&cid=286273264.1679964579&jid=463136680&_u=IGDAgEABAAAAAEgAI~&z=1622979020

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 93ms
37ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37383801-4&cid=286273264.1679964579&jid=1955203579&_u=IGDAgEABAAAAAEgAI~&z=1285829485

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 98ms
38ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37383801-4&cid=286273264.1679964579&jid=1955203579&_u=IGDAgEABAAAAAEgAI~&z=1285829485

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
rewards-panel.goloot.io/ Frame DE57 4 KB
1 KB 26ms
25ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday

Requested by

Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/gl-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9117f6e0aa1c8fa75d5068c2e78a4836b008437a243db829ddb5ce2100a72dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 1307
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 00:49:39 GMT
etag: "ba2532a34729dabb3f8d9e21c23e05eed2d419a51f4db555f53615ede1082f11-br"
last-modified: Thu, 23 Mar 2023 19:32:15 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn-etou8220067-HHN
x-timer: S1679964579.432288,VS0,VE1

POST
H2 200 weatherwidget Show response
www.sootoday.com/external/ 134 B
354 B 114ms
113ms XHR
application/json 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/external/weatherwidget?weatherCode=ON%2Fs0000479_e

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=ig_cx8NgpfamsM2tw3L6WkycA6aqHS_3LymM6aLdXds1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

571dc891d9cb4f17873cb7fcf0a1d519f46d44a8cbf70d4ce8db722c763754f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept: */*
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Tue, 28 Mar 2023 00:36:17 GMT
content-type: application/json; charset=utf-8
cache-control: public, max-age=98
content-length: 234
expires: Tue, 28 Mar 2023 00:51:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 110ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 108ms
33ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 bundle.e010e.esm.js Show response
rewards-panel.goloot.io/ Frame DE57 571 KB
146 KB 31ms
30ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards-panel.goloot.io/bundle.e010e.esm.js

Requested by

Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

995ccde674cb9a0fd8b4dcc9c252cd1ab542f6bbe5de6ab687cd1637241e9b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday
Origin: https://rewards-panel.goloot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220024-HHN
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 28 Mar 2023 00:49:39 GMT
last-modified: Thu, 23 Mar 2023 19:32:15 GMT
x-timer: S1679964579.477632,VS0,VE1
etag: "2d62aac660fd737653f3d2d32b18e890a33935da9e763d36ec775c9bdd7ca14a-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 149429
x-cache-hits: 1

GET
H3 200 bundle.84c81.css
rewards-panel.goloot.io/ Frame DE57 124 KB
8 KB 29ms
29ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards-panel.goloot.io/bundle.84c81.css

Requested by

Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

639a60478f71af27f34303dd5c7f977042251b270d6987f8b0dc53ba048f4ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220024-HHN
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 28 Mar 2023 00:49:39 GMT
last-modified: Thu, 23 Mar 2023 19:32:15 GMT
x-timer: S1679964579.478188,VS0,VE1
etag: "c0e6df596315770a47469efce20b7476fbb136c2e9cd23719d190dbbb81f496a-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7955
x-cache-hits: 1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 78ms
77ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448326198003187&correlator=3047959371963424&eid=31071499%2C31073381%2C44785728&output=ldjh&gdfp_req=1&vrg=2023032301&ptt=17&impl=fifs&iu_parts=5198809%2CNET_Alert%2CNET_TopBlock%2CNET_Background_Roadblock&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2F3&prev_iu_szs=320x50%2C1920x800%7C1920x1200&fluid=height%2C0&ifi=1&adks=1106791960%2C2803743538&didk=977039239~1814067148&sfv=1-0-40&eri=1&cust_params=site%3Dwww.sootoday.com%252Csootoday.com%26SiteType%3DCPM-CA&sc=1&cookie_enabled=1&abxe=1&dt=1679964579476&lmt=1679964579&dlt=1679964579040&idt=397&adxs=0%2C-160&adys=0%2C109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sootoday.com%2Fclassifieds%2Fannouncements%2Fbirth-notices%2F1654364&frm=20&vis=1&psz=1600x-1%7C1920x1200&msz=0x-1%7C0x0&fws=516%2C4&ohw=1600%2C1600&ga_vid=286273264.1679964579&ga_sid=1679964579&ga_hid=953330598&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

889b943c2d2ffed0642b5d96d847afd71914e0045ed5ecbf7afd77a677c35e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10525
x-xss-protection: 0
google-lineitem-id: 5526292015,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424285162,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72B0 6 KB
3 KB 130ms
31ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 00:49:39 GMT
expires: Wed, 27 Mar 2024 00:49:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g4d3m137.json Show response
l.getsitecontrol.com/ 26 B
923 B 266ms
132ms XHR
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/g4d3m137.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/g4d3m137.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: br
cdn-edgestorageid: 865
x-amz-request-id: Z3EPDD0S05BN8Q57
x-amz-server-side-encryption: AES256
cdn-cachedat: 03/14/2023 13:58:57
cdn-pullzone: 89704
x-amz-id-2: 8V7Up8p90lehWkf0ozKVxc1W/xUUwGVH+g0CX10ElMZ8+e3Eb/xzjT2TZNcLeGRn3PWDaHqLCN0=
last-modified: Tue, 14 Mar 2023 13:38:13 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"65935a7a53cd9e8558dfdeb52a3bfdb3"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
access-control-max-age: 3000
cdn-requestid: e94e3500217005afb13c79989ca0ba89
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.gif
www.vmcdn.ca/files/ui/icons/weather/ 3 KB
4 KB 30ms
28ms Image
image/gif 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/weather/32.gif
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 988f7a89835c559129c4f2370a0556eafb39765e7de90edfa39aed91282b453e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 03:20:17 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
age: 422961
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=32.gif
content-length: 3574
x-amz-cf-id: 4bF1dognaBsiubxXZNqpRoJ6pC9xT4wCSyKeaIaiuRgLgEUCbaSHaw==
expires: Sat, 22 Apr 2023 03:20:18 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 27ms
24ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=21059523&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1679964579557&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sootoday.com%2Fclassifieds%2Fannouncements%2Fbirth-notices%2F1654364&c8=Page%20Not%20Found%20-%20Sault%20Ste.%20Marie%20News&c9=
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: YOIptC6VlyD5MHkRE66b-xrRwELUlbzTp1Id3Zx_Bwk-9WUSE6Zh0w==
x-cache: Miss from cloudfront

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 128ms
59ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sree&pvsid=4448326198003187&vrg=2023032301&nw_id=5198809&nslots=2&eid=31071499%2C31073381%2C44785728&pub_url=https%3A%2F%2Fwww.sootoday.com%2Fclassifieds%2Fannouncements%2Fbirth-notices%2F1654364&sid=4448326198003187&adk=2803743538&nf=true&rc=0&sret=5.000

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 9e690279-a19e-4d5e-8114-f62bac5caaf0
https://rewards-panel.goloot.io/ Frame DE57 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rewards-panel.goloot.io/9e690279-a19e-4d5e-8114-f62bac5caaf0
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 container.html Show response
c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 619C 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 00:49:39 GMT
expires: Wed, 27 Mar 2024 00:49:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 70ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5.chunk.a4437.esm.js Show response
rewards-panel.goloot.io/ Frame DE57 899 B
706 B 29ms
29ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards-panel.goloot.io/5.chunk.a4437.esm.js

Requested by

Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/bundle.e010e.esm.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b90338c3d9757268350fe08778eb434eb692dd9042ac1b29845e3270d45439f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewards-panel.goloot.io/?publisher_domain=https%3A%2F%2Fwww.sootoday.com&user=null&gl_reward_id=&appname=sootoday
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220024-HHN
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 28 Mar 2023 00:49:39 GMT
last-modified: Thu, 23 Mar 2023 19:32:15 GMT
x-timer: S1679964580.709950,VS0,VE1
etag: "4fb374b45fee7cbe555cd4e1885f7d9c59a7956869185fb4631c1416c5731e1d-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 375
x-cache-hits: 1

GET
H2 200 info Show response
us-central1-goloot-production.cloudfunctions.net/publishers/sootoday/ Frame DE57 2 KB
1008 B 385ms
292ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/publishers/sootoday/info
Requested by: Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/bundle.e010e.esm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 0ce076ae19148e32187f00896b5e6d867ac786abd465b7dc885d9e79ae4f837f

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards-panel.goloot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:40 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
etag: W/"767-XjzYyvcco5gogXPMvNpXBGgel/I"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rewards-panel.goloot.io
x-cloud-trace-context: 171d3ce331f0ab1a889802e53dce354c
cache-control: private
function-execution-id: ofmmyn3y9ug0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 834

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 619C 24 KB
7 KB 83ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
URL: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 20:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Mar 2024 20:50:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 619C 3 KB
1 KB 92ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400&lang=de

Requested by

Host: c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
URL: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:41:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 00:49:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 619C 158 KB
49 KB 100ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
URL: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Mar 2023 00:49:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 619C 0
0 64ms
63ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUV8aRYrOswOKCuTR4qGVtI37tpQ3Z20LaWhmYVkU5E7VaUsP8yWAqxkBL7pUEneGm0Irhvc0_2uf_x9ZvgLWvO51ZfI0d7wthEL9GiefY4eU5o4qW3tm80myT5zaU-j2M0gPiBVZqrRxf2wtcUnKA4fTfg9NWhIpZMrxXEKlnpFCBxQiRPekpTfVOF5YkAWSbqJaEx5YKORc20TFH3Kb3KSEb76A4IiqQuoFGPDf1KVQnR75AW9PFK48N7UUJQoVzFIlBrbTund4NcnrT95LFbTV8OO2w7y82TW_SsZjBg4HKuxNQJ460l3MIzSqTubY&sai=AMfl-YS6GViphwAhk0Ont_jhSf3Vqm7J_5K8Wa1KEJVqFWf_gWjPXxd8rSHG0xLPxU9XdRIWPeDDohQpaB99wUUUxKsV0MwYMAGahTH-zHT0XNNi8BroJk7jFb4SlIaHrxsr2KiGodxFM6-jmy7UDmY&sig=Cg0ArKJSzEzVJIu8s-LOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
URL: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Mar 2023 00:49:39 GMT

OPTIONS
H2 204 auth
us-central1-goloot-production.cloudfunctions.net/publishers/sootoday/ Frame 0
0 141ms
141ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/publishers/sootoday/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,gl-fuid,gl-sid,lang
Access-Control-Request-Method: POST
Origin: https://rewards-panel.goloot.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,gl-fuid,gl-sid,lang
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://rewards-panel.goloot.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 28 Mar 2023 00:49:39 GMT
function-execution-id: p2jok9dzwwnk
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: 2b8391a0e09b82249b0ae2cf5507bdf6
x-powered-by: Express

POST
H2 200 auth Show response
us-central1-goloot-production.cloudfunctions.net/publishers/sootoday/ Frame DE57 1 KB
963 B 562ms
561ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/publishers/sootoday/auth
Requested by: Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/bundle.e010e.esm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: c92203d4e304595dc5dbbcb4ff45d4a74df39b7d772c73cae652f767fcd24d3e

Request headers

gl-fuid: eeef316a-a8bf-4a01-a2b2-4d244cbf798a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
lang: en
Referer: https://rewards-panel.goloot.io/
gl-sid: 6e1d491d-bf31-4f1d-88a2-3d49f460f6c2

Response headers

date: Tue, 28 Mar 2023 00:49:40 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
etag: W/"420-Y21vfy968++FXkLGVpszaxihw0Q"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rewards-panel.goloot.io
x-cloud-trace-context: 23ab995267b0e550f867e3929c12cc50
cache-control: private
function-execution-id: ja772wg52osx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 827

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 619C 16 KB
17 KB 81ms
25ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 576720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
DATA 200
OK truncated
/ Frame 619C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22f7bab594502107c5728631417f58f808486e2b0331451aa0190e2db182a4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 619C 0
0 63ms
63ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqx74cGqXANo1YCQRadLfLuCpTOrF-_q4gELVJvjwM2ir6sXC1nm3I6oMGeEOfSdhM03mLYcFEx8oS7zkgW6UpmoBmMHstQPksLdHrdMK9yioJj66cHnT7vevfdMWV7WROyOiAGNcxjN2MzMBma7XZBUXhdAINzr338EDow_mW2mBjIrviU4PWZf2kcKwl8a9C8zHZrA0BOK8dc7NncxwfrgdX5mzTfHG690aMLzkz-g_eb-H2sVn9ZikdVYf2gvzAXtPhA1V1BW7OA5wR6PnMPRMAqtc6_heTroWjyn1HIgU2j_6qYyQEtxQcwwSWRtqQag&sai=AMfl-YTLBk2s15Yp7Dl5EwfobqTvB0FmrzuPoSKVVkqFy6EufIcQyiuZ1U5sG-TrJ6KmgwRukH0Ta9Sc7l68Ke7UU4tjpoj6eDJ_phhb9sEqyptkt8XuY7RCtGCr7Z5fhEAyYCrF9jsTT1Euky0rGQc&sig=Cg0ArKJSzBFJ784ZQNS7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Mar 2023 00:49:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 83ms
40ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5df8bb05fa599e886d8966a515c44f2c8baaf09c54c5be5281a78f701d649ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11334
x-xss-protection: 0

POST
H2 204 beacons
p.flipp.com/ 0
0 288ms
207ms Fetch 13.32.99.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-107.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 00:49:40 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.sootoday.com
access-control-allow-credentials: true
x-amz-cf-id: FFidPIOp14qQ-2CD5mkfg8ofWNHsMsNFKwD8P55CHCZBihs51UkcqA==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 00:49:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A8E 13 KB
5 KB 32ms
29ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 19:17:52 GMT
expires: Tue, 26 Mar 2024 19:17:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A860 783 B
970 B 34ms
33ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

250445cee36bc1271562f6dde727f77f878dd6b044edbca8636fb6370a9ff9aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2FKpjtUKnjg9JQdzwe3S6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-2FKpjtUKnjg9JQdzwe3S6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 00:49:40 GMT
expires: Tue, 28 Mar 2023 00:49:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A860 0
0 55ms
54ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032301&jk=4448326198003187&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A8E 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 18:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 18:30:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A8E 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EgIyjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:49:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 204 progress
us-central1-goloot-production.cloudfunctions.net/activities/ Frame 0
0 140ms
140ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/activities/progress
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,gl-app-key-id,gl-fuid,gl-sid,lang
Access-Control-Request-Method: GET
Origin: https://rewards-panel.goloot.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: authorization,gl-app-key-id,gl-fuid,gl-sid,lang
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://rewards-panel.goloot.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 28 Mar 2023 00:49:40 GMT
function-execution-id: r6e7dihaawuc
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: b74e9c1549c5350c760ac34615ce2680
x-powered-by: Express

GET
H3 200 progress Show response
us-central1-goloot-production.cloudfunctions.net/activities/ Frame DE57 423 B
296 B 316ms
315ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/activities/progress
Requested by: Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/bundle.e010e.esm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 16533f8d92a24a1aeab777b72563487c149a3dcaf7ef1260faeaffc96b84b19a

Request headers

gl-fuid: eeef316a-a8bf-4a01-a2b2-4d244cbf798a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk3OWVkMTU1OTdhYjM1Zjc4MjljZTc0NDMwN2I3OTNiN2ViZWIyZjAiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9nb2xvb3QtcHJvZHVjdGlvbiIsImF1ZCI6ImdvbG9vdC1wcm9kdWN0aW9uIiwiYXV0aF90aW1lIjoxNjc4OTE1MjY3LCJ1c2VyX2lkIjoiTUcwTnlOVDdma1A4M2NUNTMwTHhKN2YxNDlxMiIsInN1YiI6Ik1HME55TlQ3ZmtQODNjVDUzMEx4SjdmMTQ5cTIiLCJpYXQiOjE2Nzk5NjQ1ODAsImV4cCI6MTY3OTk2ODE4MCwiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6e30sInNpZ25faW5fcHJvdmlkZXIiOiJhbm9ueW1vdXMiLCJ0ZW5hbnQiOiJhcHA3MWE4NzRkOS01ZjlhLTRjMS1sZzh0biJ9fQ.CenWQXKwnL6g5eNzBNtsrfuk4pJL-3uVGbCLoSXxvOq2S435fmrkGjvHa4Oo7TTipkG9wCNaVgc-TCqLtycqoBw-Av7VM5q2DFOrrTqYOPPIB5XhN-Cgbhu9r9n2RiRxJSNBJBaOCg-nZC02bNGcLjUBY96BqkSD8gVP2ryn8S3NMv1UAkgoG2n0DzUNk9L7GV_HbXh-FKmzqcwIaNqRvTWCgglOF3yw_7a5LoZah9R_lRpGTs_lj9UMdCdqw2nptyYnUoGjE_vU7Jh49tEQzeZvn-j_qmd7UfSB0Yp24aPkXRzVhxFXs9U6HZtjnDlz7vNYvrZe2bRIAC4kdMermA
Accept: application/json, text/plain, */*
lang: en
Referer: https://rewards-panel.goloot.io/
gl-sid: 6e1d491d-bf31-4f1d-88a2-3d49f460f6c2
gl-app-key-id: sNrCm3XSqRUAOykeAAPekOEL1Hsmm1nV

Response headers

date: Tue, 28 Mar 2023 00:49:41 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
etag: W/"1a7-1Di/GbKMrUOlI3AohWdntWGaVis"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rewards-panel.goloot.io
x-cloud-trace-context: c060064d0ed21a0913e84f788553d870
cache-control: private
function-execution-id: 2d60ir6i1pn1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275

OPTIONS
H3 204 log
us-central1-goloot-production.cloudfunctions.net/events/ Frame 0
0 142ms
142ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/events/log
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,gl-app-key-id,gl-fuid,gl-sid,lang
Access-Control-Request-Method: POST
Origin: https://rewards-panel.goloot.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,gl-app-key-id,gl-fuid,gl-sid,lang
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://rewards-panel.goloot.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 28 Mar 2023 00:49:40 GMT
function-execution-id: my6ttybz52ia
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: 882e7027e35f2b252fa17be4e72dfc71
x-powered-by: Express

POST
H3 200 log Show response
us-central1-goloot-production.cloudfunctions.net/events/ Frame DE57 0
15 B 353ms
353ms XHR
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-goloot-production.cloudfunctions.net/events/log
Requested by: Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/bundle.e010e.esm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

gl-fuid: eeef316a-a8bf-4a01-a2b2-4d244cbf798a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk3OWVkMTU1OTdhYjM1Zjc4MjljZTc0NDMwN2I3OTNiN2ViZWIyZjAiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9nb2xvb3QtcHJvZHVjdGlvbiIsImF1ZCI6ImdvbG9vdC1wcm9kdWN0aW9uIiwiYXV0aF90aW1lIjoxNjc4OTE1MjY3LCJ1c2VyX2lkIjoiTUcwTnlOVDdma1A4M2NUNTMwTHhKN2YxNDlxMiIsInN1YiI6Ik1HME55TlQ3ZmtQODNjVDUzMEx4SjdmMTQ5cTIiLCJpYXQiOjE2Nzk5NjQ1ODAsImV4cCI6MTY3OTk2ODE4MCwiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6e30sInNpZ25faW5fcHJvdmlkZXIiOiJhbm9ueW1vdXMiLCJ0ZW5hbnQiOiJhcHA3MWE4NzRkOS01ZjlhLTRjMS1sZzh0biJ9fQ.CenWQXKwnL6g5eNzBNtsrfuk4pJL-3uVGbCLoSXxvOq2S435fmrkGjvHa4Oo7TTipkG9wCNaVgc-TCqLtycqoBw-Av7VM5q2DFOrrTqYOPPIB5XhN-Cgbhu9r9n2RiRxJSNBJBaOCg-nZC02bNGcLjUBY96BqkSD8gVP2ryn8S3NMv1UAkgoG2n0DzUNk9L7GV_HbXh-FKmzqcwIaNqRvTWCgglOF3yw_7a5LoZah9R_lRpGTs_lj9UMdCdqw2nptyYnUoGjE_vU7Jh49tEQzeZvn-j_qmd7UfSB0Yp24aPkXRzVhxFXs9U6HZtjnDlz7vNYvrZe2bRIAC4kdMermA
Content-Type: application/json
Accept: application/json, text/plain, */*
lang: en
Referer: https://rewards-panel.goloot.io/
gl-sid: 6e1d491d-bf31-4f1d-88a2-3d49f460f6c2
gl-app-key-id: sNrCm3XSqRUAOykeAAPekOEL1Hsmm1nV

Response headers

date: Tue, 28 Mar 2023 00:49:41 GMT
server: Google Frontend
x-powered-by: Express
vary: Origin
content-type: text/html
access-control-allow-origin: https://rewards-panel.goloot.io
x-cloud-trace-context: 68df0ac49915f39020f22b2a890fb742
function-execution-id: yg6h3sn1rnb2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032301&jk=4448326198003187&bg=!-Pul-6_NAAbO2UOH7tk7ADkAdvg8WuKYD3y_rrneYkG-B5lXVCJGZ0R_LT3rfTkq7c-jHAn0ciO6wIKeKcGdPQ_X2ytlkiFj1SECAAAAXVIAAAAEaAEHmQK12NfHFycnNVqOpZ2fBa1cs_LtK2SSILqGmUEXev9sgMOIf3sxQjhzp9LU4AZkWtmd4cWfCKDODcqlgUkI75bwcncBiUCc54dJCUKGYtV8fkJLnVTdq0SpbWXLiZ0xe19a3VoYZxYJMJO5jDVEMEq9_LZVZf4xGnM51sGTOZXkeZmR5u0pkf_NCEcEIwE7XgPFJVHv5QiTChi0ef0qVMNDjy6l2K2QHf1zvareKIwsGS0PPTJ7NclmHsRib74eqE16pgXZ22cjwjFeY5qUNkWCTdH2rflzUfw8RndWFKJj5ZeGRjWDo4yPWMX9ogKJukF3zPHYq9RKiJ3HKJ1c3YWsJgkXzfIyFERRAwZKRtIuc52k1sf-OJOAFo1ypJzaGivrpBDJferAtM-8iC4B8PHdwircbcn3sZuiHSJipIP_XH3TEM9QsevOaJdHLi4HOGLhEcF85SIyHWi3Xrq89JKBN-rIUS5fGJTY-c4s-DYvHC_bRrW9bgH_yGEgEZwQ6e_eYzLQuJ6mzSYfhtvLHVPiVIk21YPOk6tg1mJmieARSoXouY0iX6KhIs3yF35Zi7NTsHko8Ryb-5aUCPewNxqpseLQZGZICF1vh9fw08s6tC0bwxf_6nD9sXRE5nS0AmP63e8QhskPYok3OW91oDo1loqi1v_J-jzXppKww3w5Mr-hmD_ztW3TfPlw_EFPCfK9ccPqdPJaB9GxVpvNWRR9W8UB6hAu5RTB7G4nuXnpoEVNxyKbB_csncKaxi_sNf2WPx04vWXN8IeofJ2TnIQaPJ2AciOeKeryvpZKDI03we7vehaxmq65InFe8j1KTOfUfHMgkndoeM3Dk2MindFcl3ziuBRMWX2oDHrnNq2jXW56UHU2HH9oU_Lnxn48u1aNSUVcyhSeKpqiOdPScS2UwWDgqKYk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 619C 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKXFeRvVHwOuLl9KG28Di6TK1lrGIh7pzomkv4IRKT3dbnu-kvSaOtVoE-Yl1BFswJmxK8MbrPoCFrd_Jqm2QoQdIUN6rytXGiGEpcGc7qZyIQd7Ve&sig=Cg0ArKJSzHrxdyYa4M8vEAE&id=lidar2&mcvt=1000&p=0,0,28,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230327&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1106791960&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679964579671&rpt=248&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 00:49:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
o1121375.ingest.sentry.io/api/6157841/envelope/ Frame DE57 41 B
322 B 130ms
34ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1121375.ingest.sentry.io/api/6157841/envelope/?sentry_key=26d7dd35e0e14b10809e8ea0e9161f60&sentry_version=7&sentry_client=sentry.javascript.react%2F7.44.2

Requested by

Host: rewards-panel.goloot.io
URL: https://rewards-panel.goloot.io/bundle.e010e.esm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a3b2c7b86a025dae6179e5f30e50fb29ee4d064f91bd05af85792c8a774aebab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rewards-panel.goloot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 00:49:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://rewards-panel.goloot.io
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.sootoday.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 1731dac2d6ff064c9a5bde69317aa7c4ddf981bbc7c75c52506c583bd988fa88
.www.sootoday.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 1731dac2d6ff064c9a5bde69317aa7c4ddf981bbc7c75c52506c583bd988fa88
.sootoday.com/	1970-01-20 20:15:24	Name: _ga Value: GA1.2.286273264.1679964579
.sootoday.com/	1970-01-20 10:40:50	Name: _gid Value: GA1.2.2058672145.1679964579
.sootoday.com/	1970-01-20 10:39:24	Name: _gat_base Value: 1
.sootoday.com/	1970-01-20 10:39:24	Name: _gat_site Value: 1
www.sootoday.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: Wm8-FWM8Dwk9cV8mVl6s1Me7HwdHoC8ypyByeeDtlZNV-jOj5pBse15g5ChdA1L-vyjUbbVF7KNvSu2zBO5iV6o0m2gsCNmO1YidC58ni2Y1
.sootoday.com/	1970-01-20 20:01:00	Name: __gads Value: ID=6acfaeeeeba3cfb5:T=1679964579:S=ALNI_MaGRhVJMCW2fMDxQldta7a77APC0Q
.sootoday.com/	1970-01-20 20:01:00	Name: __gpi Value: UID=00000bcd675d6dc2:T=1679964579:RT=1679964579:S=ALNI_MbUoLws9Hlu9IX8Vr432DS9IKyeIQ
www.sootoday.com/	1970-01-20 19:25:00	Name: flipp-uid Value: bbaa08d9-a5af-438a-a805-bc05302e715b
.doubleclick.net/	1970-01-20 20:01:00	Name: IDE Value: AHWqTUmTXS9I-jQaX_Vml3CM3EbroLM_SX6xRrhL1IleXbD1AtGb0vT6QJT0fgaVg0M
.p.flipp.com/	1970-01-20 20:15:24	Name: gid Value: "duS8YwADy8zgq12mBZ0/Ag=="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.sootoday.com/classifieds/announcements/birth-notices/1654364 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c0abe162d2333123d27eaced047906d4.safeframe.googlesyndication.com
cdn-gateflipp.flippback.com
fonts.googleapis.com
fonts.gstatic.com
l.getsitecontrol.com
o1121375.ingest.sentry.io
p.flipp.com
pagead2.googlesyndication.com
rewards-panel.goloot.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
us-central1-goloot-production.cloudfunctions.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.sootoday.com
www.vmcdn.ca
13.32.121.37
13.32.99.107
18.66.112.105
18.66.97.113
199.36.158.100
20.49.104.7
2001:4860:4802:36::36
2400:52e0:1e00::1080:1
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
34.120.195.249
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0ce076ae19148e32187f00896b5e6d867ac786abd465b7dc885d9e79ae4f837f
16533f8d92a24a1aeab777b72563487c149a3dcaf7ef1260faeaffc96b84b19a
177b0027729899fb2d8d788f4159bd055f79ffd5b53a340b6e586013e8864740
1b90338c3d9757268350fe08778eb434eb692dd9042ac1b29845e3270d45439f
1fa8277373598ddb32619a561943ccc5c52d13268601982d8c54f9f150eda5e7
211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c
22f7bab594502107c5728631417f58f808486e2b0331451aa0190e2db182a4f8
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3
250445cee36bc1271562f6dde727f77f878dd6b044edbca8636fb6370a9ff9aa
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
36ab0d4d9fe092d42d756dbc0afe941434f0561609a43ef22c0b3ed7fa060007
37aed26341630ce7c80f742f5a2ace1e635c5be810bf17359996ec66faea461f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae
4c57573ce4b4e034901b93fc96f3917a2172040784b213ad625aabc206771164
536a79998ece303a986338ed56d14747c10f874f2c9839a059bacd5ec0bdee46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571dc891d9cb4f17873cb7fcf0a1d519f46d44a8cbf70d4ce8db722c763754f1
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5df8bb05fa599e886d8966a515c44f2c8baaf09c54c5be5281a78f701d649ac1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639a60478f71af27f34303dd5c7f977042251b270d6987f8b0dc53ba048f4ed0
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
889b943c2d2ffed0642b5d96d847afd71914e0045ed5ecbf7afd77a677c35e5f
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
9117f6e0aa1c8fa75d5068c2e78a4836b008437a243db829ddb5ce2100a72dd4
988f7a89835c559129c4f2370a0556eafb39765e7de90edfa39aed91282b453e
995ccde674cb9a0fd8b4dcc9c252cd1ab542f6bbe5de6ab687cd1637241e9b14
a3b2c7b86a025dae6179e5f30e50fb29ee4d064f91bd05af85792c8a774aebab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d
abe829dce759901b47a0db1a0f63bea041f8f950d4dc9c59e39a60e07cbc99b4
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b9a6c2e6fba4482497deb6720c01f6562ddd4d4807a6b38c8fafe739cf402e0b
bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f
bd1fd9ec6f84a26e819821cb2a75d0e6938f9964fede2d57750976f09ec68432
c92203d4e304595dc5dbbcb4ff45d4a74df39b7d772c73cae652f767fcd24d3e
d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482
d8171ea8dfb3d5813d7f23e93de0d2b4b7586b1760dbb7261a36897f7f8358ec
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf
e1c3aa23ef96641d075d3937e80d2635e1cee85ba99d230238c65ed1a8886cb0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d2acacecdbed586794652660faf9f06b5dcea0dba6341d0321d826e8e59b9e

www.sootoday.com Open in urlscan Pro 20.49.104.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

68 %IPv6

17 Domains

22 Subdomains

23 IPs

4 Countries

743 kBTransfer

2032 kBSize

12 Cookies

37 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.sootoday.com Open in urlscan Pro
20.49.104.7 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

68 %
IPv6

17
Domains

22
Subdomains

23
IPs

4
Countries

743 kB
Transfer

2032 kB
Size

12
Cookies

70 HTTP transactions
2 data transactions