rinehartfarm.com Open in urlscan Pro
213.226.126.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rinehartfarm.com/
Effective URL:
https://rinehartfarm.com/
Submission: On March 17 via api (March 17th 2023, 3:31:35 pm UTC) from PL — Scanned from PL

Summary HTTP 340 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 32 domains to perform 340 HTTP transactions. The main IP is 213.226.126.234, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is rinehartfarm.com.
TLS certificate: Issued by R3 on February 27th 2023. Valid for: 3 months.

This is the only time rinehartfarm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 55	213.226.126.234 213.226.126.234	9123 (TIMEWEB-AS) (TIMEWEB-AS)
31	87.248.119.251 87.248.119.251	34010 (YAHOO-IRD) (YAHOO-IRD)
8	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
1	87.248.100.208 87.248.100.208	34010 (YAHOO-IRD) (YAHOO-IRD)
15	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
1	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
10	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
6	152.199.21.65 152.199.21.65	15133 (EDGECAST) (EDGECAST)
12	192.229.221.24 192.229.221.24	15133 (EDGECAST) (EDGECAST)
2	87.248.100.216 87.248.100.216	34010 (YAHOO-IRD) (YAHOO-IRD)
15	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6	54.154.227.195 54.154.227.195	16509 (AMAZON-02) (AMAZON-02)
14	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
4 16	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
23	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
27	142.250.186.33 142.250.186.33	() ()
15	142.250.186.129 142.250.186.129	() ()
2	142.250.184.202 142.250.184.202	() ()
2	142.250.186.35 142.250.186.35	() ()
3 7	142.250.185.228 142.250.185.228	() ()
5	142.250.184.194 142.250.184.194	() ()
2	108.138.17.95 108.138.17.95	() ()
2	52.222.213.56 52.222.213.56	() ()
2	35.157.25.58 35.157.25.58	() ()
2 6	141.94.240.141 141.94.240.141	() ()
2	23.35.236.201 23.35.236.201	() ()
2	185.64.189.221 185.64.189.221	() ()
3 3	141.94.170.64 141.94.170.64	() ()
1 2	172.67.13.182 172.67.13.182	() ()
1	18.184.216.10 18.184.216.10	() ()
1	142.250.185.130 142.250.185.130	() ()
3 5	185.80.39.216 185.80.39.216	() ()
2 3	185.89.211.12 185.89.211.12	() ()
2	65.109.114.33 65.109.114.33	() ()
1 1	35.204.158.49 35.204.158.49	() ()
1 1	52.208.110.188 52.208.110.188	() ()
1 1	13.32.27.67 13.32.27.67	() ()
1 1	124.146.215.45 124.146.215.45	() ()
1 1	3.71.149.231 3.71.149.231	() ()
1	18.193.246.45 18.193.246.45	() ()
2 2	70.42.32.191 70.42.32.191	() ()
11	192.229.233.6 192.229.233.6	() ()
2	162.55.246.95 162.55.246.95	() ()
1 2	172.217.16.198 172.217.16.198	() ()
1	152.199.23.180 152.199.23.180	() ()
340	42

55 213.226.126.234 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: vds-cb47696.timeweb.ru

rinehartfarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 87.248.119.251 (Meath, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-mcdn.secure.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

udc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3p-geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.208 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-ui71.prod.media.vip.ir2.yahoo.com

embed.fireplace.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 87.248.119.252 (Meath, Ireland)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

5.ras.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openweb.jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

web-oao.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-central-1-web-oao.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.199.21.65 (United States)

ASN15133 (EDGECAST, US)

aka-cdn.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.221.24 (United States)

ASN15133 (EDGECAST, US)

o.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.216 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-fp74.prod.media.vip.ir2.yahoo.com

www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.154.227.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

apx.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.33 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.129 (None, )

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.228 (None, ) 3 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.95 (None, )

ASN- ()

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.213.56 (None, )

ASN- ()

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.25.58 (None, )

ASN- ()

prod-m-node-3111.ssp.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.94.240.141 (None, ) 2 redirects

ASN- ()

adserver-eu.dsp.onprospects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.onprospects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.221 (None, )

ASN- ()

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.170.64 (None, ) 3 redirects

ASN- ()

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.13.182 (None, ) 1 redirects

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (None, )

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (None, ) 3 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.109.114.33 (None, )

ASN- ()

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.110.188 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.67 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.45 (None, ) 1 redirects

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.246.45 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.191 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.229.233.6 (None, )

ASN- ()

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.246.95 (None, )

ASN- ()

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (None, ) 1 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.180 (None, )

ASN- ()

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com 969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com 39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com tpc.googlesyndication.com 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com	366 KB
55	rinehartfarm.com 1 redirects rinehartfarm.com	2 MB
45	yahoo.com query2.finance.yahoo.com Failed udc.yahoo.com — Cisco Umbrella Rank: 2768 guce.yahoo.com Failed query1.finance.yahoo.com Failed embed.fireplace.yahoo.com — Cisco Umbrella Rank: 30317 5.ras.yahoo.com — Cisco Umbrella Rank: 3653 edge-mcdn.secure.yahoo.com — Cisco Umbrella Rank: 5474 3p-geo.yahoo.com — Cisco Umbrella Rank: 6218 web-oao.ssp.yahoo.com — Cisco Umbrella Rank: 4745 www.yahoo.com — Cisco Umbrella Rank: 1487 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 909 eu-central-1-web-oao.ssp.yahoo.com — Cisco Umbrella Rank: 28097 geo.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com opus.analytics.yahoo.com	30 KB
34	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	706 KB
24	yimg.com s.yimg.com — Cisco Umbrella Rank: 438	508 KB
20	moatads.com geo.moatads.com — Cisco Umbrella Rank: 724 apx.moatads.com — Cisco Umbrella Rank: 6270	5 KB
15	revjet.com ads.revjet.com cdn.revjet.com pix.revjet.com	263 KB
15	ampproject.org cdn.ampproject.org	327 KB
12	aolcdn.com o.aolcdn.com — Cisco Umbrella Rank: 3999	13 KB
11	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com	4 KB
6	onprospects.com 2 redirects adserver-eu.dsp.onprospects.com pixel-eu.onprospects.com	30 KB
6	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 850	97 KB
6	adtechus.com aka-cdn.adtechus.com — Cisco Umbrella Rank: 8847	639 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	pubmatic.com ads.pubmatic.com st.pubmatic.com	28 KB
4	geoedge.be rumcdn.geoedge.be gw.geoedge.be	187 KB
4	google.pl adservice.google.pl — Cisco Umbrella Rank: 31607	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	838 B
2	advertising.com prod-m-node-3111.ssp.advertising.com	473 B
2	gstatic.com fonts.gstatic.com	72 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	sharethrough.com match.sharethrough.com	35 B
1	socdm.com 1 redirects tg.socdm.com	1021 B
1	smaato.net 1 redirects s.ad.smaato.net	442 B
1	simpli.fi 1 redirects um.simpli.fi	713 B
1	googletagservices.com www.googletagservices.com	49 KB
1	eyeota.net ps.eyeota.net	344 B
1	yahoosandbox.com openweb.jac.yahoosandbox.com — Cisco Umbrella Rank: 11613	39 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 153	265 B
340	32

	Domain	Requested by
55	rinehartfarm.com	1 redirects rinehartfarm.com
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net s.yimg.com tpc.googlesyndication.com cdn.ampproject.org 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com rinehartfarm.com googleads.g.doubleclick.net
24	s.yimg.com	rinehartfarm.com s.yimg.com rumcdn.geoedge.be
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com rinehartfarm.com 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	web-oao.ssp.yahoo.com securepubads.g.doubleclick.net s.yimg.com
14	apx.moatads.com	s.yimg.com rinehartfarm.com
14	5.ras.yahoo.com	rinehartfarm.com
12	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
12	o.aolcdn.com	rinehartfarm.com
11	cdn.revjet.com	ads.revjet.com srcdoc
7	www.google.com	3 redirects tpc.googlesyndication.com
6	geo.moatads.com	aka-cdn.adtechus.com rumcdn.geoedge.be
6	cdn.js7k.com	web-oao.ssp.yahoo.com rumcdn.geoedge.be
6	service.idsync.analytics.yahoo.com	web-oao.ssp.yahoo.com rumcdn.geoedge.be
6	aka-cdn.adtechus.com	rinehartfarm.com
6	web-oao.ssp.yahoo.com	rinehartfarm.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	s.yimg.com rinehartfarm.com 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	adserver-eu.dsp.onprospects.com	rumcdn.geoedge.be adserver-eu.dsp.onprospects.com
4	geo.yahoo.com	rinehartfarm.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.pl	securepubads.g.doubleclick.net
4	eu-central-1-web-oao.ssp.yahoo.com	web-oao.ssp.yahoo.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	pixel-eu.onaudience.com	3 redirects
3	3p-geo.yahoo.com	rinehartfarm.com
2	ad.doubleclick.net	1 redirects srcdoc
2	pix.revjet.com	srcdoc
2	b1sync.zemanta.com	2 redirects
2	ads.revjet.com	635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com ads.revjet.com
2	635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pixel-eu.onprospects.com	2 redirects
2	st.pubmatic.com	rumcdn.geoedge.be
2	ads.pubmatic.com	rumcdn.geoedge.be
2	prod-m-node-3111.ssp.advertising.com	rinehartfarm.com
2	gw.geoedge.be	rumcdn.geoedge.be
2	rumcdn.geoedge.be	rinehartfarm.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	www.yahoo.com	rinehartfarm.com
1	opus.analytics.yahoo.com	openweb.jac.yahoosandbox.com
1	match.sharethrough.com	635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
1	ups.analytics.yahoo.com	1 redirects
1	tg.socdm.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	www.googletagservices.com	635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
1	ps.eyeota.net	adserver-eu.dsp.onprospects.com
1	mwzeom.zeotap.com	adserver-eu.dsp.onprospects.com
1	spl.zeotap.com	1 redirects
1	39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	openweb.jac.yahoosandbox.com	rinehartfarm.com
1	edge-mcdn.secure.yahoo.com	rinehartfarm.com
1	sb.scorecardresearch.com	rinehartfarm.com
1	embed.fireplace.yahoo.com	rinehartfarm.com
1	udc.yahoo.com	rinehartfarm.com
0	query1.finance.yahoo.com Failed	s.yimg.com rinehartfarm.com
0	guce.yahoo.com Failed	rinehartfarm.com
0	query2.finance.yahoo.com Failed	rinehartfarm.com
340	63

This site contains links to these domains. Also see Links.

Domain
www.coindesk.com
www.facebook.com
twitter.com
ir.btc.com
www.prnewswire.com
finance.yahoo.com

Subject Issuer	Validity	Valid
rinehartfarm.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-06` - `2023-05-31`	6 months	crt.sh
yho.com DigiCert SHA2 High Assurance Server CA	`2023-01-17` - `2023-07-12`	6 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
jp.techcrunch.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-04-19`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
aka-cdn.adtechus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-06-02`	a year	crt.sh
o.aolcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.google.pl GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-24`	3 months	crt.sh
*.dsp.onprospects.com SSL.com RSA SSL subCA	`2022-08-22` - `2023-08-22`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-11`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
opus.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://rinehartfarm.com/
Frame ID: EAA5A1D8F3D34A444AF4F44E846225CF
Requests: 112 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-csc.html
Frame ID: AB8D74AA30D3A5F962F4593F490986F6
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 7F0D5316A9C2E7164B816491B759F727
Requests: 19 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: EC3BD5B1F9820B7F2AB58545D19878A8
Requests: 24 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: F5B478CE0B595528146EC654DE5B4C8D
Requests: 19 HTTP requests in this frame

Frame: https://d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3DA746F7DFDC60FCC9E8DA99016328A2
Requests: 1 HTTP requests in this frame

Frame: https://969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 12AA2F744B2D634F80BF55BEB68C2461
Requests: 1 HTTP requests in this frame

Frame: https://39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D289C16747912CED25D8BC5F1B874C19
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 324D63725895FDA9B3B19947C70718F5
Requests: 20 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: A425311BB269D73F0F5FF7BE5385F5C3
Requests: 15 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 512A77E58F0C3E52CF995E21CD773435
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: 585C6FA8754B0740B1373EC656D7A55D
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: 545F42FAD5F050797C8D86E884DE2BA2
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: C21F9A82B16BA50FDED56CF3A827F896
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5D09250DAF10D3C4A388243531DEC42
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FD7B807AB055E0FF299D53BE045CE4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C515744C230E8668DF7FEC83E3BA04DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8BB71FE0B77B8A351796CE65BEE3642
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC4C7339805893F19E69E90924926265
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F9AE5053403FD0760ECF37CA2D8C5E1
Requests: 1 HTTP requests in this frame

Frame: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_p=0.37
Frame ID: 03773EBA8D74C7748CF0FA4961B7389D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 72CF530858C8A4AC412CF66BA59142DB
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=162347&siteId=991256&adId=4672379&imprId=6E5C8D7F-BB21-42CE-A428-814E3844E39C&cksum=6D76C7B370E3AA39&adType=10&adServerId=243&kefact=0.259000&kaxefact=0.259000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1679067089&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.370000&dcId=3&tldId=0&passback=0&svr=BID23232&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=0YcUZAqzAADvW7sU9PiHXu4muFDH_VwGClEM5rH-cbqI_3tq&ekaxefact=0YcUZBSzAAC5MFNstCPp-BP2w5_QEwmsx778WWbDEx0hu0kC&ekpbmtpfact=0YcUZByzAACNkCO7atSt8xyKDxdhFrU2eGatxDpZlyflR9eK&enpp=0YcUZCSzAACKCwSoxHCWdjHX1GbydBqJcr-mwm-0Q0bVAVy5&pfi=1&domId=12164250932016601703&dc=lhr19&crID=1169eu&lpu=cloudtechnologies.pl&ucrid=8016777352668248110&campaignId=22966&creativeId=0&pctr=0.000000&wDSPByrId=ct&wDspId=409&wbId=0&wrId=0&wAdvID=400561&isRTB=1&rtbId=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8&ver=6&dateHr=2023031715&oid=6E5C8D7F-BB21-42CE-A428-814E3844E39C&cntryId=180&sec=1&pAuSt=2&wops=0&sURL=finance.yahoo.com&BrID=5&oiabdvt=2
Frame ID: CAAA04595ECB5133B7E59920ABDF8A1F
Requests: 1 HTTP requests in this frame

Frame: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_p=0.39
Frame ID: 19F795D2E3C0A3D132050A7AC01DB2D2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9C2E370D431678C467A3B02946FAD264
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=162347&siteId=991256&adId=4672379&imprId=7F61277A-0BA6-4285-BE79-CFAE0F0A6AFC&cksum=48C222267EA0541B&adType=10&adServerId=243&kefact=0.273000&kaxefact=0.273000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1679067089&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.390000&dcId=3&tldId=0&passback=0&svr=BID22454U&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=0YcUZPvpAQBU6jw3bzfFy7LSQ9SdMREDOhOgCYghDc3ndWya&ekaxefact=0YcUZAbqAQDEGoFOH6iF1S4roy_VEFElL6u29DdFktWdEfjB&ekpbmtpfact=0YcUZA_qAQDLJUyWoFSso6Dizwv4q1IKmOOaiJ0RTwaHrwrV&enpp=0YcUZBnqAQAxZuw-yX-muxRtVNWEjmv4Tv1y5N1U0lxj2Hjd&pfi=1&domId=12164250932016601703&dc=AMS&crID=1169eu&lpu=cloudtechnologies.pl&ucrid=8016777352668248110&campaignId=22966&creativeId=0&pctr=0.000000&wDSPByrId=ct&wDspId=409&wbId=0&wrId=0&wAdvID=400561&isRTB=1&rtbId=E9592211-4840-48C6-B2EA-0B9611141588&ver=9&dateHr=2023031715&oid=7F61277A-0BA6-4285-BE79-CFAE0F0A6AFC&cntryId=180&sec=1&pAuSt=2&wops=0&sURL=finance.yahoo.com&BrID=5&oiabdvt=2
Frame ID: BEC5101D3C85CEAD093DEEB90B143C1D
Requests: 1 HTTP requests in this frame

Frame: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DDAA4D2B603C10529B0297C20B862238
Requests: 1 HTTP requests in this frame

Frame: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FA0E8A3866A6D2C9BC70BADFDBAC08E1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNXAIN7E2SYO_mz0u3XVTAKF8p9S6QBRWtsfjrsLzsWIWTcP8iN87qwRrXVz7olLPn0kFl4te-cUqf2oaCNVp56_Qh_qpt82T-_rLyoefyIG2SKrIOA
Frame ID: F8EF82C1A2E55CE4B3C053F07DFC8CDA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F61ECBEB2CE8642FE416D7AA872AE7BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7334B1A99B297EBEFAFF88D48C31FBA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD961A97FD296AF659B1F39C711C8DBC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A03CCAC26ECE00CF376303BF69C04003
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
Frame ID: E19780C9DFC79A7493A4433E432FB002
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 0C6F837F84BC490C9F009F8DC0CA8592
Requests: 12 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Frame ID: 4BA1B6ADDF9C9EC1629E987AC2D1A1B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chinese Bitcoin Mining Company Delivers First Machines to Kazakhstan

Page URL History Show full URLs

http://rinehartfarm.com/ HTTP 301
https://rinehartfarm.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

340
Requests

89 %
HTTPS

0 %
IPv6

32
Domains

63
Subdomains

42
IPs

4
Countries

5000 kB
Transfer

15193 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.coindesk.com/
Title: CoinDesk

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=458584288257241&link=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dfb%26tsrc%3Dfb

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Chinese%20Bitcoin%20Mining%20Company%20Delivers%20First%20Machines%20to%20Kazakhstan&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dtw%26tsrc%3Dtwtr&via=YahooFinance

Search URL Search Domain Scan URL

URL: https://ir.btc.com/2021-06-21-BIT-Mining-Successfully-Delivers-Mining-Machines-to-Kazakhstan
Title: said

Search URL Search Domain Scan URL

URL: https://www.prnewswire.com/news-releases/bit-mining-limited-to-invest-in-cryptocurrency-mining-in-kazakhstan-301297680.html
Title: move

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/wp-admin/post.php?post=637593&action=edit
Title: invested

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/bitcoin-unpacking-hashrate-nic-cart-migration
Title: Go West, Bitcoin! Unpacking the Great Hashrate Migration

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/market-wrap-bitcoin-slides-ether-below-2k-china-reiterates-crypto-ban
Title: Market Wrap: Bitcoin Slides to Two-Week Low, Ether to Below $2K as China Reiterates Crypto Ban

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/podcasts/coindesk-podcast-network/de-chinafication-bitcoin-ban
Title: The De-Chinafication of Bitcoin

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/chinese-logistics-firm-airlifting-bitcoin-mining-machines-to-maryland-report
Title: Chinese Logistics Firm Airlifting Bitcoin Mining Machines to Maryland: Report

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/china-committee-debuts-eye-major-052045820.html
Title: New China committee debuts with eye on major policy shifts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/supreme-court-weighs-biden-student-051041624.html
Title: Supreme Court weighs Biden student loan plan worth billions

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/volkswagen-china-chief-visits-xinjiang-050336782.html
Title: Volkswagen China chief visits Xinjiang plant, sees no sign of forced labour

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/19-billion-derivative-bond-trade-010547766.html
Title: A $19 Billion Derivative Bond Trade in India Will Unwind With Modi’s New Tax

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/ex-kremlins-adviser-soviet-era-045153368.html
Title: Ex-Kremlin's adviser, Soviet-era dissident Pavlovsky dies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rinehartfarm.com/ HTTP 301
https://rinehartfarm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 228

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 229

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 233

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 263

https://pixel-eu.onprospects.com/?attribute=137105152&type=STRING&value=1169&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.37 HTTP 301
https://pixel-eu.onaudience.com/?attribute=137105152&type=STRING&value=1169&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.37&onp HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=32d1cdf238b15153 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0cb42c1f-def1-4f5b-7d74-e43ff9c7886d&reqId=2ba234c5-8293-4336-42a1-232ff74cd4c9&zcluid=32d1cdf238b15153&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEI7OWTz-2lb28MWK1VlgF9g&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0cb42c1f-def1-4f5b-7d74-e43ff9c7886d&reqId=2ba234c5-8293-4336-42a1-232ff74cd4c9&zcluid=32d1cdf238b15153&zdid=1332

Request Chain 267

https://pixel-eu.onprospects.com/?attribute=137105152&type=STRING&value=1169&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.39 HTTP 301
https://pixel-eu.onaudience.com/?attribute=137105152&type=STRING&value=1169&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.39&onp HTTP 302
https://pixel-eu.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=10d2bcfb5e87f870

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&C=1

Request Chain 295

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBSH0.Skfvy-K5F6LjIbdQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&google_hm=2

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOg_hLpoQcUML_LDixShgcw&google_cver=1

Request Chain 297

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwODY3MzI3Njg2MzYxNzAzNA%3D%3D

Request Chain 313

https://um.simpli.fi/gp_match?google_gid=CAESECMqfcxmQ0jr4aJ10uPy3x8&google_cver=1&google_push=Aa02lx90fnDnDftD6O-4m684cKJ7XMWaVpxXrSzPYuTg3aVIXM0FjVKCt_uXuKzdibf0jNgi8GVWWsJddMNP02r1NAxAj5GUunw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E7C658CD9754D2CADFFE73B1BA11C4F&google_push=Aa02lx90fnDnDftD6O-4m684cKJ7XMWaVpxXrSzPYuTg3aVIXM0FjVKCt_uXuKzdibf0jNgi8GVWWsJddMNP02r1NAxAj5GUunw

Request Chain 314

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_XRULYuBUoPBAwBVl1fvA&google_cver=1&google_push=Aa02lx8NQaMNhaXxWaHT1p0fwD2YzxIitI_47EziXnZDjuY-WReaDNNATiXnO92HrNRjJ5uSciP9zWzuZ1BQ16FyHkDhDJjteT8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8NQaMNhaXxWaHT1p0fwD2YzxIitI_47EziXnZDjuY-WReaDNNATiXnO92HrNRjJ5uSciP9zWzuZ1BQ16FyHkDhDJjteT8&google_hm=eS1PQm1xMFoxRTJwRmJTbW5PV09TOGtHQ1hBeGNmVkd4Sn5B

Request Chain 315

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBHeWxKHc0E86jWdzygsEO0&google_cver=1&google_push=Aa02lx8WUDtQIAKUPQakjBhLYIq_By8f4X9_kmSRVKNfXQcFxA4ZmZLuKTexmL1cSVJSth5ztXEyVK-E1H4iJlk5s-bQWas0aFk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8WUDtQIAKUPQakjBhLYIq_By8f4X9_kmSRVKNfXQcFxA4ZmZLuKTexmL1cSVJSth5ztXEyVK-E1H4iJlk5s-bQWas0aFk

Request Chain 316

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEGH8CdodbtURjg0QamaNoSE&google_cver=1&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZwZ0e8Y7cA6jrDHH3RMI-rI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZwZ0e8Y7cA6jrDHH3RMI-rI&google_hm=WkJTSDFjQ284WVFBQU1oSEppZ0FBQUFB

Request Chain 317

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZufvNZoWddeAyTIESLDZ4&google_cver=1&google_push=Aa02lx9XKTgXY0i8jUFXbbg1t8p2qIBGDmEIUh89JE4KQhnIsQ8w_XWgqdaDRxio9OJVAcB7x_aEgfdO-8opBp0Q3qwiwmw4-B80 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VN1MzQWpCRTJ1RlIuaGpwZTJMcWdqYm9aVEEwTEd6Zn5B&google_push=Aa02lx9XKTgXY0i8jUFXbbg1t8p2qIBGDmEIUh89JE4KQhnIsQ8w_XWgqdaDRxio9OJVAcB7x_aEgfdO-8opBp0Q3qwiwmw4-B80

Request Chain 319

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEOUgkm3knW5WuGtGNABxr1Y&google_cver=1&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ8u1oszmGDi-o9IrmFmAZpWU HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEOUgkm3knW5WuGtGNABxr1Y&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ8u1oszmGDi-o9IrmFmAZpWU&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ8u1oszmGDi-o9IrmFmAZpWU&google_hm=T01JbFVNOGRudXREWVdBSTBxQ0s=

Request Chain 336

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067092942 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CPaPmq2k4_0CFSD-uwgd2J0Bbw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067092942

340 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
rinehartfarm.com/
Redirect Chain

http://rinehartfarm.com/
https://rinehartfarm.com/

640 KB
120 KB

284ms
175ms

Document
text/html

213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Mar 2023 15:31:22 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Mar 2023 15:31:22 GMT
Expires: 0
Location: https://rinehartfarm.com/
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK 8368c9215f9423b15b43e2840f6356fb
rinehartfarm.com/lander/vayt-masha-28.02-6/img/ 360 KB
360 KB 371ms
153ms Image
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/img/8368c9215f9423b15b43e2840f6356fb
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK YahooSans-VF-Web.woff2
rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/ 64 KB
64 KB 284ms
107ms Font
font/woff2 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/YahooSans-VF-Web.woff2
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98

Request headers

Referer: https://rinehartfarm.com/
Origin: https://rinehartfarm.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-fe98"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65176
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H2 200 YahooSansCond-XBold.woff2
s.yimg.com/cv/apiv2/fonts/2019/ 12 KB
12 KB 152ms
52ms Font
font/woff2 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-XBold.woff2

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Origin: https://rinehartfarm.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 16:40:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZZ2WYQJC9GAVXBX3
age: 82268
x-amz-server-side-encryption: AES256
content-length: 12064
x-amz-id-2: 2/5xJb38x+Sipzn2LYRG56HeI81g10BRivajSC4vIZRpBaWhQrS/p5lD6f/UQsQR2+pLVGvhUHA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Sep 2019 19:59:06 GMT
server: ATS
etag: "6f15483a73d1b9823661757777f54b18"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H/1.1 200
OK fusion.atomic.b6ce8976b99c528880199405b20d4522.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 69 KB
17 KB 209ms
104ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/fusion.atomic.b6ce8976b99c528880199405b20d4522.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8845be6e7a95e3a872fbe0c447d743096b3adf8ee1b6f0d59bcdbdec18aeea36

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1140a"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:22 GMT

GET
H/1.1 200
OK bundle.c60a6d54.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 4 KB
2 KB 161ms
56ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/bundle.c60a6d54.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-10a5"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:22 GMT

GET
H/1.1 200
OK yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 3 KB
3 KB 167ms
58ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c25eb9ef13d4c6fc1509e8f478899f196165bdf32f17acb2163cb329820f1c7d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:22 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-b21"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2849
Expires: Mon, 27 Mar 2023 15:31:22 GMT

GET
H/1.1 200
OK desktopweb.db9adc4ea43e2feffc0a59fd0980c7b9.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 7 KB
2 KB 167ms
59ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/desktopweb.db9adc4ea43e2feffc0a59fd0980c7b9.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 81871a231bd7e95f87d000c40a52a9e9670d4895e46824e030ac11ddc93e11ce

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1aaa"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:22 GMT

GET
H/1.1 200
OK colors_1.1.27.min.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 6 KB
2 KB 168ms
59ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/colors_1.1.27.min.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c4785a51adadef034b8274f06cd3ba259f313f67269f1c8f06bb9ce88ae9137a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1823"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:22 GMT

GET
H/1.1 200
OK tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 1 KB
2 KB 216ms
53ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-5af"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1455
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 175 B
507 B 226ms
51ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-af"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK caas.9d51dd81df00ec18726ffe5ad0918865.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 41 KB
16 KB 83ms
72ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/caas.9d51dd81df00ec18726ffe5ad0918865.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 20ab02ab4d58b6fad10d4ec2d856dd2fcc6984f5f43832cc09f490ba69ad9307

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-a4c0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK g-r-min.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 204 KB
87 KB 1312ms
1301ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8c6a14a96e308f070f495f999af4e39027527d649157fe1a3ffc116870e14697

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-32f1e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK wf-loader-2.6.15.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 12 KB
3 KB 1243ms
1242ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-loader-2.6.15.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 2da8e6f60e9698291e4cfecbaf95ba806282637c28fa1cc7c2d7ef0e32e660e9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-30ff"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK sda.49ad5a43996ff69d6b12c33e7705e129.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 4 KB
2 KB 1227ms
1226ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/sda.49ad5a43996ff69d6b12c33e7705e129.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 4a66b92fc3985947226e9cba3cdd5687ed4746876da1c1f7e399a1cdd6c62409

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-105d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK wf-sticky-1.2.2.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 9 KB
3 KB 1228ms
1228ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-sticky-1.2.2.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 6df75e91352dff7a5d6c9827c27612ff26c7954cf2fea7c6da459773865c6bc9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-227c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK rapid-3.53.38.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 50 KB
18 KB 241ms
58ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/rapid-3.53.38.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-c816"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK cmp.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 64 KB
17 KB 110ms
105ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/cmp.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: f204ab420a5067e50cf449c161ca633301e47849248e691863bae78110990e60

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-101f5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK cs_1.4.0.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 1 KB
2 KB 64ms
59ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/cs_1.4.0.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: d636b7c6e03c525b4bb0030d0a9d2908fb6e1e51bfbfc0ea0b25fb7b8da50321

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-4d8"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1240
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK tdv2-wafer-utils.19c76fb8.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 3 KB
4 KB 50ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/tdv2-wafer-utils.19c76fb8.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-d5d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3421
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK finSearch.min.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 172 KB
54 KB 267ms
57ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/finSearch.min.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: f1c5cc39ece1de53f6288d53ff3847e660425d77debd81a7ac493903d74926be

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-2b1cf"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK consent.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 55 KB
17 KB 105ms
100ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/consent.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 3d7ffe1ecb061100760ab496bae435770032c862df220c02160bfd98fdaf07d1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-daf4"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-module-2.0.0.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 5 KB
2 KB 92ms
53ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-module-2.0.0.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 5f86ec9907f6433f430f9caa406d5244809b9623f8ebac90868ae331775438c5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1208"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK spotIm.custom.SpotImJAC.a890015a7cd1c52f9ca06097087591ab.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 33 KB
11 KB 54ms
53ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/spotIm.custom.SpotImJAC.a890015a7cd1c52f9ca06097087591ab.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: a18f1f61513a044194cece1b38c0e512126976c8e590f800fe4bd406e697dc57

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-82f6"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-fetch-1.18.11.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 17 KB
6 KB 55ms
54ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-fetch-1.18.11.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c99e18f340da3013a89d08357f05aa510393fdbfc400c364f85439f6f8bcda9f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-42f3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-video-2.20.1.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 29 KB
9 KB 51ms
51ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-video-2.20.1.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 60a7550cfbb885a0a9f7007c8efcc3c0d9c2f968f87d263b5061d5cf8322c80b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-75b3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-beacon-1.3.4.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 11 KB
4 KB 53ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-beacon-1.3.4.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 504e05e34c69c7ecb5293f3fb31be8600db94d8b1076675844bc0b94cabd54f1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-2b81"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-scrollview-2.18.8.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 32 KB
9 KB 55ms
54ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-scrollview-2.18.8.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: dc85247b4034d72a283958d72065ec4e1b937a3b3572944b948c5cdd12dd6f67

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-8198"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-toggle-1.15.4.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 13 KB
4 KB 50ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-toggle-1.15.4.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 18c32790c19d6483d673c06a3d9cf7f6d717fb88bf3698afbae2b04b033ed537

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-3289"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-form-1.33.0.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 14 KB
5 KB 52ms
51ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-form-1.33.0.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 52d9389cd526906e929ccece229fc8122685205a9a2a0aaf667d0907ef933576

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-3728"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-darla-1.8.0.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 12 KB
5 KB 53ms
52ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-darla-1.8.0.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 17657f91dc8a7010a869b39af18f5bdee723126a7467f77f929aaef9c53f2e40

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-30e7"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-caas-1.19.1.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 23 KB
8 KB 73ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-caas-1.19.1.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c67c77e7757e42a7c7a8e394e3a162dc2ea087d2f09afd7a1e39c3660a86c62b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-5dab"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-lightbox-1.10.5.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 14 KB
5 KB 55ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-lightbox-1.10.5.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c9bbc35341f4aeaffb38d9d1a98b84e59eda553ce1faeaba1410006b90df518d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-3835"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-countdown-1.2.5.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 5 KB
2 KB 74ms
53ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-countdown-1.2.5.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: a1060b6dd1609d1165ffc70733edcc780fd8192fd74d229cba17f1fd402a43a4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-12f8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-image-1.4.0.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 7 KB
3 KB 55ms
54ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-image-1.4.0.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 2b3162b9d90ea855e1d140d94062ed56fb3b8d98193f1f37680f864320d481fc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1b10"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK tdv2-wafer-content-list.custom.c5b1d1b30a366567b8d67f27e343f60d.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 4 KB
4 KB 57ms
56ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/tdv2-wafer-content-list.custom.c5b1d1b30a366567b8d67f27e343f60d.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: ad24df8561b589323813953f7fd01e7aac1253b8570e78c9c2d07ac6488ea0e4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-fe1"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4065
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK wf-rapid-1.10.6.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 13 KB
4 KB 114ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-rapid-1.10.6.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 93b4d7141f0235efab12760ea30046e4640c1ea82e336561ff918435b04c1673

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-328b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK react-wafer-featurebar.custom.default.95a7979b4c06295e22960043d003fb49.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 2 KB
2 KB 52ms
51ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/react-wafer-featurebar.custom.default.95a7979b4c06295e22960043d003fb49.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 33de9ebb711226b9d7ebc94f2c9e9eaea6ab6346ea7bfd79828ec1fb819de33f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-647"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1607
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK react-wafer-subscription.custom.monalixa.default.3acd4d714f1d5780da18a78eccee4d24.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 1 KB
1 KB 53ms
51ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/react-wafer-subscription.custom.monalixa.default.3acd4d714f1d5780da18a78eccee4d24.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 314e1fe839edf550dc0b9df5652a95424a597f72fbc78c00f80976f297696a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-48c"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1164
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK 3c2171b.caas-article2_web.min.css
rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 105 KB
17 KB 275ms
103ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/3c2171b.caas-article2_web.min.css
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 4a94f6bee75aa79866b9b5e432a352b6e45c906c10eb348ca31b5b4317294d11

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1a4ee"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H2 200 yahoo_finance_en-US_h_p_financev2.png
s.yimg.com/rz/p/ 5 KB
6 KB 1374ms
55ms Image
image/png 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/p/yahoo_finance_en-US_h_p_financev2.png

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

879c22d7d11e8394e045a7ab8dfd514a9f9f8ef27adf8070a8372f69e07943b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:07:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: PXNJE7RXWZD4ZCXD
age: 1415
x-amz-server-side-encryption: AES256
content-length: 5453
x-amz-id-2: 0JH69Zq6XFK4LQLv75M6kTpV97M8FJIiH7QbAgjfM3tMOHESne1VHC8wiS0OHcVbUCIlevIRGfI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Mar 2023 21:32:39 GMT
server: ATS
etag: "2ff14860d1612c92b9373b855cf3d0d9"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:00:00 GMT

GET
H2 200 yahoo_finance_en-US_h_w_financev2.png
s.yimg.com/rz/p/ 4 KB
4 KB 1470ms
151ms Image
image/png 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/p/yahoo_finance_en-US_h_w_financev2.png

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e4202fdaa44bd24962e5cc9943e81f3880c07261b70240417755975eff513bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:08:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: S4SM9ATSCXWX7TTJ
age: 19376
x-amz-server-side-encryption: AES256
content-length: 3779
x-amz-id-2: 9K/i8Ypuu9UWBN17ozwmgmfiroPFsLQ7LdtKSmNe8I865WlI2Qv8rQDZ3YAi18QSF+Y/DB3MOqM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Mar 2023 21:32:39 GMT
server: ATS
etag: "9d5d82593dae940c6529b473900ddfdb"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:00:00 GMT

GET
H/1.1 200
OK logo-18-18.svg
rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/ 741 B
1 KB 55ms
54ms Image
image/svg+xml 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/logo-18-18.svg
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: e4ee215e9c740c7eb984b200253336cbd8c65695492c9d443f4a6e3e256f870d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-2e5"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 741
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK cerebro_min.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 6 KB
2 KB 70ms
69ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/cerebro_min.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1604"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK 0f36fba0-1cea-11ed-bee7-af68ceb219c6
rinehartfarm.com/lander/vayt-masha-28.02-6/img/ 29 KB
29 KB 158ms
122ms Image
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/img/0f36fba0-1cea-11ed-bee7-af68ceb219c6
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK wf-core-1.61.3.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 174 KB
40 KB 69ms
67ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 983142f7f74bc016f252894067351b2af7d87a59d31a201376e08f374413eaeb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-2b8be"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK yaft-0.3.28.min.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 17 KB
6 KB 61ms
61ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/yaft-0.3.28.min.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-42f0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 200
OK feb44f4.caas-article2_web.min.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 128 KB
32 KB 60ms
60ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/feb44f4.caas-article2_web.min.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 5fea1a0dbbe96d453e3c8d4b47e1f8f646a7ecc4abcbf7779862f491ac4a09e0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1ff07"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET
H/1.1 200
OK advertisement_0.0.19.js Show response
rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 158 B
504 B 83ms
71ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/advertisement_0.0.19.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:23 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-9e"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158
Expires: Mon, 27 Mar 2023 15:31:23 GMT

GET US
query2.finance.yahoo.com/v1/finance/trending/ 0
0

GET
H/1.1 200
OK spritify-sprite-light-fd484ded-e3dce7a4.png
rinehartfarm.com/lander/vayt-masha-28.02-6/img/ 12 KB
12 KB 54ms
51ms Image
image/png 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/img/spritify-sprite-light-fd484ded-e3dce7a4.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 506648db425e3801b3b45aca2382efaed10698e5af1dcb90fc8cffb2b090704e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-2ebf"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11967
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H2 200 marketTime.fbd97d839c0f2c235883.js Show response
s.yimg.com/uc/finance/webcore/js/ 203 KB
64 KB 99ms
75ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/finance/webcore/js/marketTime.fbd97d839c0f2c235883.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

cf6e8632455597e764c74736941b8859a7458b4de5f2294947a4abdf1662751b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: J13QHMQHNCAM60NH
age: 2446019
x-amz-server-side-encryption: AES256
content-length: 65215
x-amz-id-2: cdB5jQ54WDbjGLkou/ReyhkqNBq3KBIA/26fcEbnAC75hqQqy5yyKPT+vS/RDWRHfLuRbSfF8So=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Feb 2023 22:06:49 GMT
server: ATS
etag: "f405fdc5cbbcaf1cbac192d171f89571-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 marketSummary.49bc65bfd2fd44d6fc91.js Show response
s.yimg.com/uc/finance/webcore/js/ 259 KB
85 KB 165ms
150ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/finance/webcore/js/marketSummary.49bc65bfd2fd44d6fc91.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

68b6d95d23388dfe19a9e50f5697c58fa43418da4cf7bc8571e065afc730d767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MHR9JNTXFG787TPR
age: 1379838
x-amz-server-side-encryption: AES256
x-amz-id-2: lUHLe4QD9i4heplW9JiyHC25eQkKoJ3Nx4+0KZDLm7BGIyoUesZ0bc7Mh451litPC9UIAS7Udas=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 21:14:58 GMT
server: ATS
etag: "70c67d8e390336bc71db1366f8f1a926-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H/1.1 200
OK YahooSansCond-XBold.woff2
rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/ 12 KB
12 KB 60ms
48ms Font
font/woff2 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/YahooSansCond-XBold.woff2
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95

Request headers

Referer: https://rinehartfarm.com/lander/vayt-masha-28.02-6/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
Origin: https://rinehartfarm.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-2f20"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12064
Expires: Mon, 27 Mar 2023 15:31:24 GMT

GET
H/1.1 404
Not Found __rapid-worker-1.2.js
rinehartfarm.com/ 548 B
696 B 100ms
48ms Other
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/__rapid-worker-1.2.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H2 200 337_842fb37f16.chunk.js Show response
s.yimg.com/aaq/c/ 10 KB
4 KB 184ms
184ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/337_842fb37f16.chunk.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/feb44f4.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7e926fbc63ec1370ffa4ca3778637b9b183d6da7a7a1539b78329cafc2f22f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:36:43 GMT
x-amz-version-id: iFZz9HhbmU6oiUNH4Ga36zW3WB7rDL_E
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1S98513B9D479M1J
age: 1587283
x-amz-server-side-encryption: AES256
x-amz-id-2: UgPvR1yn5kojzBUf0vvpvuV/UJvurt0ck72ZLI4C3dL6OA9tMs4j1MyxVMUPCL9D2u6+t7CtyQM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 26 Feb 2023 07:09:58 GMT
server: ATS
etag: "4006fd808ab8bbc0325ca65d29ef64e6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 2927_842fb37f16.chunk.js Show response
s.yimg.com/aaq/c/ 20 KB
6 KB 182ms
182ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/2927_842fb37f16.chunk.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/feb44f4.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a0db2bd28c98bd3023a5f63cd4c4fa1e180bfeb8a220f8ed07ed7cc2a7dc2607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:36:43 GMT
x-amz-version-id: Lw6.fMWw0Eq74kc47bDo3QAsS96MCWcf
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1S9AW5F2MC1TCNEV
age: 1587283
x-amz-server-side-encryption: AES256
x-amz-id-2: Myya8As5sYcksPh388zCxfu3dmCOaQ+CIZppPNAAjl1pcXHPTFHRc3H3msSKhUNZMPHpvkQqEqg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 26 Feb 2023 07:09:57 GMT
server: ATS
etag: "a08a04d158e22fa57da1792f10542576-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
444 B 230ms
69ms XHR
text/plain 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1183310220&yhlCT=2&yhlBTMS=1679067084692&yhlClientVer=3.53.38&yhlRnd=R3ScBSSUKCBQz7El&yhlCompressed=0

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rinehartfarm.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:24 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://rinehartfarm.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

GET consentRecord
guce.yahoo.com/v1/ 0
0

GET markettime
query1.finance.yahoo.com/v6/finance/ 0
0

OPTIONS
H2 204 remote
embed.fireplace.yahoo.com/_rcv/ Frame 0
0 360ms
88ms Preflight 87.248.100.208
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.fireplace.yahoo.com/_rcv/remote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.208 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-ui71.prod.media.vip.ir2.yahoo.com

Software

ATS / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ampproject.org .aol.com .autoblog.com .betterme-magazine.com .campaign.yahoo.com.tw .launch3d.com .engadget.com .google.com .huffingtonpost.ca .huffingtonpost.co.uk .huffingtonpost.com.au .huffingtonpost.com .huffingtonpost.es .huffingtonpost.fr .huffingtonpost.gr .huffingtonpost.it .huffingtonpost.jp .huffingtonpost.kr .huffpost.ca .huffpost.com .huffpost.net .huffpostbrasil.com .intheknow.com .oath.com .paas.ec.yahoo.com:4443 pnr.ouryahoo.com .pnr.ouryahoo.com .shopping.yahoo.com .tw.campaign.yahoo.net .yahoo.ca .yahoo.com:3000 .yahoo.com.tw .yahoo.com enlight.yahoo.net enlight-stage.yahoo.net; font-src s.yimg.com; report-uri https://csp.yahoo.com/beacon/csp?src=embed.fireplace.yahoo.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rinehartfarm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST
age: 0
cache-control: max-age=0, private
content-length: 0
content-security-policy: frame-ancestors 'self' *.ampproject.org *.aol.com *.autoblog.com *.betterme-magazine.com *.campaign.yahoo.com.tw *.launch3d.com *.engadget.com *.google.com *.huffingtonpost.ca *.huffingtonpost.co.uk *.huffingtonpost.com.au *.huffingtonpost.com *.huffingtonpost.es *.huffingtonpost.fr *.huffingtonpost.gr *.huffingtonpost.it *.huffingtonpost.jp *.huffingtonpost.kr *.huffpost.ca *.huffpost.com *.huffpost.net *.huffpostbrasil.com *.intheknow.com *.oath.com *.paas.ec.yahoo.com:4443 pnr.ouryahoo.com *.pnr.ouryahoo.com *.shopping.yahoo.com *.tw.campaign.yahoo.net *.yahoo.ca *.yahoo.com:3000 *.yahoo.com.tw *.yahoo.com enlight.yahoo.net enlight-stage.yahoo.net; font-src s.yimg.com; report-uri https://csp.yahoo.com/beacon/csp?src=embed.fireplace.yahoo.com
date: Fri, 17 Mar 2023 15:31:25 GMT
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
expires: -1
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-decorator-operation: fireplace-module-server--mtls-production-ir2.fireplace-k8s.svc.yahoo.local:4080/*
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

POST remote
embed.fireplace.yahoo.com/_rcv/ 0
0

POST
H/1.1 200
OK remote Show response
rinehartfarm.com/nel_ms/_rcv/ 640 KB
120 KB 181ms
155ms Fetch
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/nel_ms/_rcv/remote?m_id=tdv2-wafer-content-list&ctrl=Stream&module=moreStories&site=finance&device=desktop&lang=en-US&region=US&bucket=finance-US-en-US-def&rid=ajt4qvdhvr4fi&m_mode=json
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 92048fe17ab99379696001bc409ad3456f8bc3d01670f6e2993e9d93b2d55874

Request headers

Referer: https://rinehartfarm.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK remote Show response
rinehartfarm.com/fp_ms/_rcv/ 640 KB
120 KB 278ms
251ms Fetch
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/fp_ms/_rcv/remote?m_mode=json&ctrl=SubscriptionMonalixa&m_id=react-wafer-subscription
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 344c047bd023bf7735dad087f56e67c775aac4cf0b9c20c8de483f244b82caa6

Request headers

Referer: https://rinehartfarm.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET spark
query1.finance.yahoo.com/v7/finance/ 0
0

GET quote
query1.finance.yahoo.com/v7/finance/ 0
0

GET
H2 200 r-csc.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame AB8D 2 KB
1 KB 99ms
95ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-csc.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 2265
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1160
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 14:53:40 GMT
etag: "1ff9b6e511ccd76562520a75bae161d2-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: mK/ec+Sb4aQ3olaAgqFpE0KDH/jZ1wi/aWfSaZ75ZmKhecuy7rBgaJdPo5LLMOzeux6Qm5NSkNY=
x-amz-request-id: 33VQWD50DPEJE8RV
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 7F0D 2 KB
963 B 88ms
54ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6516
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame EC3B 2 KB
802 B 120ms
111ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6516
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame F5B4 2 KB
802 B 61ms
54ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6516
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adcount%7C2.0%7C5113.1%7C4948213%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=31766;adcid=0;itime=562354435;reqtype=5;;impref=16775623542580318895;imprefseq=14360940497606356;imprefts=1677562354;adcl...
5.ras.yahoo.com/ 1 B
203 B 276ms
150ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4948213%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=31766;adcid=0;itime=562354435;reqtype=5;;impref=16775623542580318895;imprefseq=14360940497606356;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=MAST;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y409682;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4948339%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=33881;adcid=0;itime=562354437;reqtype=5;;impref=16775623542580318898;imprefseq=14360940497606359;imprefts=1677562354;adcl...
5.ras.yahoo.com/ 1 B
477 B 271ms
145ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4948339%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=33881;adcid=0;itime=562354437;reqtype=5;;impref=16775623542580318898;imprefseq=14360940497606359;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=MON;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y409828;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C5206752%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=14320;adcid=0;itime=562354418;reqtype=5;;impref=16775623542580318832;imprefseq=14360940497606335;imprefts=1677562354;adcln...
5.ras.yahoo.com/ 1 B
202 B 273ms
149ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C5206752%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=14320;adcid=0;itime=562354418;reqtype=5;;impref=16775623542580318832;imprefseq=14360940497606335;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=INARTICLE;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y963903263;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863223%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=5060;adcid=0;itime=562354411;reqtype=5;;impref=16775623542580318769;imprefseq=14360940497606323;imprefts=1677562354;adclnt...
5.ras.yahoo.com/ 1 B
202 B 270ms
148ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863223%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=5060;adcid=0;itime=562354411;reqtype=5;;impref=16775623542580318769;imprefseq=14360940497606323;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTNA;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407889;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863233%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=7509;adcid=0;itime=562354413;reqtype=5;;impref=16775623542580318792;imprefseq=14360940497606326;imprefts=1677562354;adclnt...
5.ras.yahoo.com/ 1 B
202 B 272ms
151ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863233%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=7509;adcid=0;itime=562354413;reqtype=5;;impref=16775623542580318792;imprefseq=14360940497606326;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTNB;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407890;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863240%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=9827;adcid=0;itime=562354415;reqtype=5;;impref=16775623542580318804;imprefseq=14360940497606329;imprefts=1677562354;adclnt...
5.ras.yahoo.com/ 1 B
202 B 266ms
147ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863240%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=9827;adcid=0;itime=562354415;reqtype=5;;impref=16775623542580318804;imprefseq=14360940497606329;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTNC;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407891;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863245%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=12080;adcid=0;itime=562354416;reqtype=5;;impref=16775623542580318817;imprefseq=14360940497606332;imprefts=1677562354;adcln...
5.ras.yahoo.com/ 1 B
201 B 145ms
144ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863245%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=12080;adcid=0;itime=562354416;reqtype=5;;impref=16775623542580318817;imprefseq=14360940497606332;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTND;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407892;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4948593%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=35972;adcid=0;itime=562354438;reqtype=5;;impref=16775623542580318909;imprefseq=14360940497606362;imprefts=1677562354;adcl...
5.ras.yahoo.com/ 1 B
203 B 143ms
142ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4948593%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=35972;adcid=0;itime=562354438;reqtype=5;;impref=16775623542580318909;imprefseq=14360940497606362;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=MON2;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y410010;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830144%7C0%7C225%7CAdId=11101939;BnId=2;ct=3963478407;st=16948;adcid=1;itime=562354419;reqtype=5;;impref=16775623542580318841;imprefseq=14360940497606338;imprefts=16775623...
5.ras.yahoo.com/ 1 B
203 B 436ms
435ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830144%7C0%7C225%7CAdId=11101939;BnId=2;ct=3963478407;st=16948;adcid=1;itime=562354419;reqtype=5;;impref=16775623542580318841;imprefseq=14360940497606338;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LDRB;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402804;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830165%7C0%7C170%7CAdId=11101861;BnId=2;ct=3963478407;st=22090;adcid=1;itime=562354423;reqtype=5;;impref=16775623542580318853;imprefseq=14360940497606344;imprefts=16775623...
5.ras.yahoo.com/ 1 B
203 B 169ms
168ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830165%7C0%7C170%7CAdId=11101861;BnId=2;ct=3963478407;st=22090;adcid=1;itime=562354423;reqtype=5;;impref=16775623542580318853;imprefseq=14360940497606344;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402806;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830145%7C0%7C170%7CAdId=11101864;BnId=2;ct=3963478407;st=24595;adcid=1;itime=562354427;reqtype=5;;impref=16775623542580318861;imprefseq=14360940497606347;imprefts=16775623...
5.ras.yahoo.com/ 1 B
203 B 434ms
433ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830145%7C0%7C170%7CAdId=11101864;BnId=2;ct=3963478407;st=24595;adcid=1;itime=562354427;reqtype=5;;impref=16775623542580318861;imprefseq=14360940497606347;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC2;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402807;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
265 B 164ms
47ms Image
image/gif 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=1183310220&c7=other%2Fchinese-bitcoin-mining-company-delivers-084958533.html&c14=-1&c8=Chinese%20Bitcoin%20Mining%20Company%20Delivers%20First%20Machines%20to%20Kazakhstan&c9=&gdpr=0&gdpr_consent=&cs_ucfr=0&ns_c=UTF-8&ns__t=1679067085231
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: v3vGLAjHWIsYfYQwLI8PaB4AabnQeOCiegZ-I6X432hgJLhBc8Yz3A==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H2 200 exp.json Show response
edge-mcdn.secure.yahoo.com/ybar/ 2 KB
2 KB 55ms
48ms Fetch
application/json 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/exp.json

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/cerebro_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:13:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1109KSX494BVASW5
age: 15472
x-amz-server-side-encryption: AES256
content-length: 1784
x-amz-id-2: 24MvSw6MzNytd/DHTqUYfJdewm9Th8Ao3Ff5a7Xdf1X305JN/CnDZ1moD6TJ42CaacoacPti8/E=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 17:20:56 GMT
server: ATS
etag: "877792d86d801176269a36ac7b4e6e02"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 streamer.70fa1a924bdc58efa713.js Show response
s.yimg.com/uc/finance/webcore/js/ 292 KB
93 KB 51ms
50ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/finance/webcore/js/streamer.70fa1a924bdc58efa713.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e4747850a5b4d1e9920a61fb7f0e247efaae09920c22cc0f0d86ed70fbf2e10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 8P6RJJKVWYAHT2ZK
age: 1344035
x-amz-server-side-encryption: AES256
x-amz-id-2: kru2JsvO+ax1RmSxHsGwhvM2U/54+eoLpu8T6k16FdgM4KAeSglziAdPwHb9/fOthOGjZG6S3S8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 21:14:58 GMT
server: ATS
etag: "c584de8dd6eb1c385c4057d85c7c8123-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 perf-vitals_3.1.0.js Show response
s.yimg.com/cx/pv/ 8 KB
3 KB 55ms
54ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cx/pv/perf-vitals_3.1.0.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: JDAGAE490ZJQ69SW
age: 3416
x-amz-server-side-encryption: AES256
x-amz-id-2: 7TbWEZ16+ofHgQnV1EDUdYPjXT6px2DAXTxf8YzKzj3eA826AryRuAlF6gkVWHosg29ax9CYrZZ/d5mAnOys2Q==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jan 2023 00:09:27 GMT
server: ATS
etag: "26831b6bd9ea430823f593b6a70c7375-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 7F0D 63 KB
27 KB 48ms
48ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WD7RRDRJ81T9KQ82
age: 367932
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DuXYeb7yLSXc7zSRTkyODcUAnRWRZmy/VxfQLDxA2q5GgbGXRjHM6TAOFMPvqD68lUD6yR2Bo8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame F5B4 63 KB
27 KB 49ms
49ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WD7RRDRJ81T9KQ82
age: 367932
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DuXYeb7yLSXc7zSRTkyODcUAnRWRZmy/VxfQLDxA2q5GgbGXRjHM6TAOFMPvqD68lUD6yR2Bo8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame EC3B 63 KB
27 KB 71ms
70ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WD7RRDRJ81T9KQ82
age: 367932
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DuXYeb7yLSXc7zSRTkyODcUAnRWRZmy/VxfQLDxA2q5GgbGXRjHM6TAOFMPvqD68lUD6yR2Bo8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 jac.js Show response
openweb.jac.yahoosandbox.com/1.5.0/ 130 KB
39 KB 244ms
47ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/spotIm.custom.SpotImJAC.a890015a7cd1c52f9ca06097087591ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://yahoo.com https://*.yahoo.com https://techcrunch.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors https://yahoo.com https://*.yahoo.com https://techcrunch.com
x-amz-request-id: W0C1T786DFN97AVX
age: 19350
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: YeHQDgw0Nwk4bX2C5ExhmF0Afs7Z32Cmob8Gn6+GC+g3ac0K6V7wiMNvjqDPt1vhqBfJaFwZEzk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

POST
H/1.1 200
OK reporting-observer
rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 223ms
222ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/_td_api/beacon/reporting-observer?meta=%7B%22sourceFile%22%3Anull%2C%22lineNumber%22%3Anull%2C%22columnNumber%22%3Anull%2C%22id%22%3A%224302%22%2C%22message%22%3A%22Deprecation%20messages%20are%20stored%20in%20the%20devtools-frontend%20repo%20at%20front_end%2Fmodels%2Fissues_manager%2FDeprecationIssue.ts.%22%2C%22anticipatedRemoval%22%3Anull%7D&src=deprecation&_rdn=085303&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0&site=finance
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/tdv2-wafer-utils.19c76fb8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 87cae86ffab4a825efd06a602c30563b9e29208314ba093a26a3550013358080

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK error
rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 225ms
225ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/_td_api/beacon/error?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A2%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fm_mode%3Djson%26ctrl%3DSubscriptionMonalixa%26m_id%3Dreact-wafer-subscription%22%7D&stack=&connection=%7B%22downlink%22%3A10%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK error
rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 313ms
313ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rinehartfarm.com/_td_api/beacon/error?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A2%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/nel_ms/_rcv/remote%3Fm_id%3Dtdv2-wafer-content-list%26ctrl%3DStream%26module%3DmoreStories%26site%3Dfinance%26device%3Ddesktop%26lang%3Den-US%26region%3DUS%26bucket%3Dfinance-US-en-US-def%26rid%3Dajt4qvdhvr4fi%26m_mode%3Djson%22%7D&stack=&connection=%7B%22downlink%22%3A10%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H2 200 p
3p-geo.yahoo.com/ 43 B
476 B 89ms
72ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=q9HVzCAR7EsJpdtx,0.7882826152334146&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03PZwqoY0dS3BymMdu%04_w%03rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A955%2C%22perf_ttfb_rating%22%3A%22needs-improvement%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067085%04_ms%03332%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
3p-geo.yahoo.com/ 43 B
74 B 90ms
73ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=uh4KFSaHgZ8NYU8H,0.06293683720883081&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03PZwqoY0dS3BymMdu%04_w%03rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1546%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067085%04_ms%03335%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 7F0D 4 KB
2 KB 475ms
291ms Script
application/x-javascript 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5b913352ea1a6eac1ab13c11cd8331211143ff19211eb6836b18ff73a64cfaa7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1704
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 7F0D 318 KB
107 KB 216ms
35ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1796
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 7F0D 565 B
731 B 163ms
43ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39176
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 7F0D 1 KB
2 KB 157ms
38ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 43200, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 80694
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
report-to: {"group": "default", "max_age": 43200, "endpoints":[{"url": "https://report.edgecast.com/nel/v0?s=QlcUD0dUXhNXDlABC1NW", "priority": 1}, {"url": "https://nelcollector.sre.ecsvc.net/report", "priority": 2}]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
BLOB 200
OK a5c30fe3-09f7-45b7-8cff-7370e49096ec
https://rinehartfarm.com/ 61 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rinehartfarm.com/a5c30fe3-09f7-45b7-8cff-7370e49096ec
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f443dae9efcdc4c0cfd4960546a25253059320066ec50a7b27bca4c4f96f1040

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 62362
Content-Type

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame F5B4 4 KB
2 KB 367ms
212ms Script
application/x-javascript 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC2|562354427&brxdSiteId=4451051&yadpos=LREC2&pos=ipemeafinancelrec2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 666129f9cc4a9c2b1ae701451477e8456f324e37c2327bd7de2576f6634f32bc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1703
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame F5B4 318 KB
107 KB 254ms
103ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1796
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame F5B4 565 B
637 B 135ms
44ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39176
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame F5B4 1 KB
1 KB 131ms
42ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
x-amz-version-id: null
age: 80694
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame EC3B 4 KB
2 KB 432ms
304ms Script
application/x-javascript 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 021d38e4d1439c38ed1165c38065766ca0e73c9623e844c65752fabe1ecb2b11

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1707
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame EC3B 318 KB
107 KB 260ms
136ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1796
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame EC3B 565 B
637 B 109ms
45ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39176
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame EC3B 1 KB
1 KB 102ms
39ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 43200, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 80694
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
report-to: {"group": "default", "max_age": 43200, "endpoints":[{"url": "https://report.edgecast.com/nel/v0?s=QlcUD0dUXhNXDlABC1NW", "priority": 1}, {"url": "https://nelcollector.sre.ecsvc.net/report", "priority": 2}]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 404 px.gif
www.yahoo.com/ 0
0 1074ms
75ms Image
text/html 87.248.100.216
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=1&rn=6.349411862255239
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-fp74.prod.media.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 px.gif
www.yahoo.com/ 0
0 1086ms
87ms Image
text/html 87.248.100.216
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=2&rn=6.349411862255239
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-fp74.prod.media.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2 200 p
3p-geo.yahoo.com/ 43 B
243 B 81ms
67ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=8al0AqsKbIdTUw6a,0.32909570343145234&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03PZwqoY0dS3BymMdu%04_w%03rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_pfb%03955%04A_pbp%03195%04A_psr%03370%04A_pdi%032684%04A_pdl%031%04A_psh%0360%04A_psc%03108%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067085%04_ms%03708%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:25 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F5B4 79 KB
27 KB 870ms
64ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC2|562354427&brxdSiteId=4451051&yadpos=LREC2&pos=ipemeafinancelrec2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

31665c7c01527083a4492b70d9a202462499a041939f3cc381e02ec1939efd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27471
x-xss-protection: 0
server: sffe
etag: "1513 / 972 of 1000 / last-modified: 1679051351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:31:26 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame F5B4 19 B
150 B 862ms
56ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,57630,58309&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame F5B4 43 B
109 B 89ms
55ms Image
image/gif 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926533&grp=%3F%3F%3F&nl=1679067085762&rts=1679067085599&pix=1&et=1&a=db99d546b90f41859d0725ebcc59bb50&m=aXAtMTAtMjItMTEwLTI0MQ..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7MzU4YmJiOWI5OWE3NDEzN2FmYzM0OTA3NDg0Nzg0NmE7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTQ7OzE7MTs.&uid=y-FY.Np49E2rPMHIehvf4SOHm9K9a4soxm0T45nn36Vh2f%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC2|562354427&brxdSiteId=4451051&yadpos=LREC2&pos=ipemeafinancelrec2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame F5B4 69 KB
16 KB 196ms
51ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: R93NYTQJHP6Z4902
age: 6825
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: yXnqdLO6DRB/BQlg5BYxYqfN0He3tDNZpowJaNfl3kxZz1E9zkQ3DapYMQ49bnfRQSGcvDjm58Aur0Xk4MN9rg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7F0D 79 KB
27 KB 829ms
100ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

31665c7c01527083a4492b70d9a202462499a041939f3cc381e02ec1939efd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27471
x-xss-protection: 0
server: sffe
etag: "1513 / 280 of 1000 / last-modified: 1679051351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:31:26 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 7F0D 19 B
44 B 786ms
57ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,58309,47&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 7F0D 43 B
70 B 50ms
49ms Image
image/gif 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926548&grp=%3F%3F%3F&nl=1679067085841&rts=1679067085599&pix=1&et=1&a=872b68b2433b44e79b476c3abc841576&m=aXAtMTAtMjItOTktMTc0&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7YmI0YmQ5ZGI4MjFkNDg2OGIxY2U4NzMzZWQ0OTg5ZWY7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTU7OzE7MTs.&uid=y-FY.Np49E2rPMHIehvf4SOHm9K9a4soxm0T45nn36Vh2f%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 7F0D 69 KB
16 KB 118ms
50ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: R93NYTQJHP6Z4902
age: 6825
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: yXnqdLO6DRB/BQlg5BYxYqfN0He3tDNZpowJaNfl3kxZz1E9zkQ3DapYMQ49bnfRQSGcvDjm58Aur0Xk4MN9rg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EC3B 79 KB
27 KB 848ms
137ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

31665c7c01527083a4492b70d9a202462499a041939f3cc381e02ec1939efd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27471
x-xss-protection: 0
server: sffe
etag: "1513 / 65 of 1000 / last-modified: 1679051351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:31:26 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame EC3B 19 B
44 B 769ms
59ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58292,55939,55938,55859,47,58309,58294,55936,58683,55964,55953,58301&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame EC3B 43 B
70 B 53ms
49ms Image
image/gif 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926530&grp=%3F%3F%3F&nl=1679067085848&rts=1679067085599&pix=1&et=1&a=f5b5062773084fea86e509ec329e6f8d&m=aXAtMTAtMjItOTgtMjUz&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7ZjRmODY2MDYzY2I0NDRjMTk2ODQyZjIyNDYxZDM1ZTg7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTQ7OzE7MTs.&uid=y-LtbzQPhE2rO.p6MUy71p0eC4YFCt2zxvESQvNO0eN.A.%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:25 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame EC3B 69 KB
16 KB 97ms
49ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: R93NYTQJHP6Z4902
age: 6825
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: yXnqdLO6DRB/BQlg5BYxYqfN0He3tDNZpowJaNfl3kxZz1E9zkQ3DapYMQ49bnfRQSGcvDjm58Aur0Xk4MN9rg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 7F0D 82 B
253 B 576ms
87ms Script
text/html 54.154.227.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086692&de=542575223070&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067086692&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101939%3A26888735%3A-&zMoatBannerInfo=498041664&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830144&zMoatAlias=y402804&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=846140539&cs=0&callback=DOMlessLLDcallback_6885180
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 88327ccd76fc342e6f49d8ad72db3a3adac91df0b100663fea881cb33a2f79ef

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "20cee29b7b2a56cf529cab8bec807f3c23e93912"
content-length: 82
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7F0D 43 B
260 B 494ms
67ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086692&de=542575223070&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067086692&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101939%3A26888735%3A-&zMoatBannerInfo=498041664&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830144&zMoatAlias=y402804&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=385460084&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:27 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame EC3B 84 B
256 B 450ms
85ms Script
text/html 54.154.227.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067086882&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101861%3A26888708%3A-&zMoatBannerInfo=498041666&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1236964653&cs=0&callback=DOMlessLLDcallback_29567738
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 5d99370b93b9a2a7c741a232137e613db59791637bb0f6c59503b4fbc2a19c43

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "2a7d00b3c2cee1353b6cf28e808aa63099bc99b2"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame EC3B 43 B
260 B 381ms
56ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067086882&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101861%3A26888708%3A-&zMoatBannerInfo=498041666&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1687334164&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:27 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame F5B4 84 B
257 B 232ms
79ms Script
text/html 54.154.227.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086969&de=852781550646&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067086969&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101864%3A26888709%3A-&zMoatBannerInfo=498041668&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830145&zMoatAlias=y402807&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=2127655790&cs=0&callback=DOMlessLLDcallback_58423132
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 5881f3f993faa9cadced7966c9594acbd436f52bcc223f8b603695c1386dfe3a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "ad923abd470ff0454eeba9e4daa453d5304368a0"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame F5B4 43 B
260 B 191ms
63ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086969&de=852781550646&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067086969&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101864%3A26888709%3A-&zMoatBannerInfo=498041668&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830145&zMoatAlias=y402807&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=756987311&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:27 GMT

GET
H2 200 pubads_impl_2023031301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F5B4 397 KB
134 KB 139ms
54ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136873
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 12:48:18 GMT

GET
H2 200 pubads_impl_2023031301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EC3B 397 KB
134 KB 179ms
94ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136873
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 12:48:18 GMT

GET
H2 200 pubads_impl_2023031301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7F0D 397 KB
134 KB 167ms
115ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136873
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 12:48:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame F5B4 107 B
531 B 211ms
52ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5B4 107 B
456 B 182ms
58ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F5B4 51 KB
11 KB 374ms
371ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2660711253983299&correlator=731457551698881&eid=31073113&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2211125567&sfv=1-0-40&prev_scp=ADPOSITION%3DLREC2%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067087929&dlt=1679067085217&idt=2440&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=299&ish=249&scr_x=-12245933&scr_y=-12245933&ucis=enel40du1w7k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=rinehartfarm.com&frm=24&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=699004995.1679067088&ga_sid=1679067088&ga_hid=1637890542&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

4ae77ccd1af6d34259034b5541fbf516a92e27ee3282fd1b826d65c7a1bb22a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11716
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F5B4 15 KB
11 KB 209ms
92ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

cb433915db286304dff4f70aff2e32fc4f539f016b7627977fbc62f36d56c86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11202
x-xss-protection: 0

GET
H2 200 container.html Show response
d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DA7 6 KB
3 KB 185ms
54ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:28 GMT
expires: Sat, 16 Mar 2024 15:31:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame EC3B 107 B
165 B 108ms
73ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EC3B 107 B
165 B 70ms
69ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EC3B 44 KB
10 KB 326ms
319ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1516167285328178&correlator=1037585629112928&eid=31072886%2C31073059&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1021484889&sfv=1-0-40&prev_scp=ADPOSITION%3DLREC%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067088021&dlt=1679067085249&idt=2547&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=299&ish=249&scr_x=-12245933&scr_y=-12245933&ucis=iuy5cn9ewvsl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=rinehartfarm.com&frm=24&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=744104326.1679067088&ga_sid=1679067088&ga_hid=1156871&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

c21f71fb93604c39def5a250fac08e1c3be61f22270653ea4ee66e02a02d7a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10592
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EC3B 15 KB
11 KB 136ms
105ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c12cfa76dad0082769ad735fe5a5b69dcffa3336e9e4cb63bfda895e4fef21a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11345
x-xss-protection: 0

GET
H2 200 container.html Show response
969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12AA 6 KB
3 KB 106ms
56ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:28 GMT
expires: Sat, 16 Mar 2024 15:31:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 7F0D 107 B
165 B 59ms
54ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7F0D 107 B
165 B 64ms
60ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7F0D 62 KB
12 KB 424ms
407ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3345236712385395&correlator=2840617071889564&eid=31071361%2C31072019&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=1247926164&sfv=1-0-40&prev_scp=ADPOSITION%3DLDRB%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067088082&dlt=1679067085208&idt=2616&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=727&ish=89&scr_x=-12245933&scr_y=-12245933&ucis=xf3jogmr5m7o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=rinehartfarm.com&frm=24&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=995321912.1679067088&ga_sid=1679067088&ga_hid=1390983018&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

48ec4260476a44776e57b5fed27a5c04b050e7f782336b851615d4ed5a7dd439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12702
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7F0D 15 KB
11 KB 171ms
124ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ca0303dc4a18ac8399d388d476e0d7b5a50b6ab027920a74a8cec3277fc10cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11386
x-xss-protection: 0

GET
H2 200 container.html Show response
39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D289 6 KB
3 KB 126ms
72ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:28 GMT
expires: Sat, 16 Mar 2024 15:31:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 324D 2 KB
808 B 55ms
54ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6519
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame A425 2 KB
804 B 59ms
57ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6519
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 512A 2 KB
804 B 77ms
74ms Document
text/html 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6519
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830142%7C0%7C225%7CAdId=11101985;BnId=3;ct=3963478407;st=19519;adcid=1;itime=562354421;reqtype=5;;impref=16775623542580318848;imprefseq=14360940497606341;imprefts=16775623...
5.ras.yahoo.com/ 1 B
225 B 157ms
154ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830142%7C0%7C225%7CAdId=11101985;BnId=3;ct=3963478407;st=19519;adcid=1;itime=562354421;reqtype=5;;impref=16775623542580318848;imprefseq=14360940497606341;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LDRB2;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402805;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830146%7C0%7C170%7CAdId=11101812;BnId=2;ct=3963478407;st=27119;adcid=1;itime=562354430;reqtype=5;;impref=16775623542580318872;imprefseq=14360940497606350;imprefts=16775623...
5.ras.yahoo.com/ 1 B
34 B 158ms
155ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830146%7C0%7C170%7CAdId=11101812;BnId=2;ct=3963478407;st=27119;adcid=1;itime=562354430;reqtype=5;;impref=16775623542580318872;imprefseq=14360940497606350;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC3;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402808;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830166%7C0%7C170%7CAdId=11101914;BnId=2;ct=3963478407;st=29575;adcid=1;itime=562354434;reqtype=5;;impref=16775623542580318883;imprefseq=14360940497606353;imprefts=16775623...
5.ras.yahoo.com/ 1 B
34 B 422ms
420ms Image
application/x-javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830166%7C0%7C170%7CAdId=11101914;BnId=2;ct=3963478407;st=29575;adcid=1;itime=562354434;reqtype=5;;impref=16775623542580318883;imprefseq=14360940497606353;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC4;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402809;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 p
geo.yahoo.com/ 43 B
558 B 91ms
71ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:28 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F5B4 17 KB
7 KB 166ms
59ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:31:28 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EC3B 17 KB
6 KB 169ms
65ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:31:28 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F0D 17 KB
6 KB 103ms
70ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:31:28 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame 585C 221 KB
61 KB 182ms
44ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Mar 2023 17:10:33 GMT
age: 339655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Mar 2024 17:10:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 585C 15 KB
5 KB 287ms
152ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:56:40 GMT
age: 556488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:56:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 585C 94 KB
28 KB 292ms
157ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 03:37:38 GMT
age: 561230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 03:37:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 585C 5 KB
2 KB 308ms
175ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:47:59 GMT
age: 557009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:47:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 585C 40 KB
13 KB 311ms
179ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Mar 2023 18:09:06 GMT
age: 595342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Mar 2024 18:09:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 585C 8 KB
1 KB 168ms
53ms Stylesheet
text/css 142.250.184.202

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 13:44:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 15:31:28 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 585C 2 KB
3 KB 68ms
68ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 19:10:45 GMT
x-content-type-options: nosniff
server: cafe
age: 73243
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 17 Mar 2023 19:10:45 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 585C 295 B
537 B 66ms
65ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68794
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 585C 0
0 94ms
94ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQSv5z4cUZPDuPMuBzQbKvKmgC-7e4NNuz6GYkYUR5N7xx4s4EAEgypz3I2Dp5MmF2BqgAaCBs8MDyAEBqQJQ-evbadexPuACAKgDAaoEpAJP0GEP1wCSKZhzqHN4ya1ede9bbVeTaR0XOpfT2glVI8zcy-o47KgJMX1_xf5iX3htmGTTedJIbiDxS9iQLiFU0tsqSjoyxsrVYUl8WSMQnnTq4Fw5itmopZ_57A_RxJiYEiMnGhekKOgu2BoVc6IiMkGez5zFFL5jr4xnvg5iEHcAr_6PB4X7hDu_8Kwxwd9tD0F_ZDg4iKMvomkj9pcW3ZGg1Wf5g6BqhuqCZvQ0ZQacxc7I7qBpF8fHRxMhJ5WQxisvlCSniobEa89Wel1Kqa1vYYLSvFkmaQpRRVtbtA-5pi3bYMaH1cx-jO7bTba3xZ72r5xA4yjAeQQPXp0Fj08F8RDTlXjwljOW9Pfu2fP4uM8EqsDRg7ffvzlC5-6jneemwATThojdpATgBAGSBQQIBBgBkgUECAUYBIAHoPbYPagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELeOA9IIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi01OTA1OTMyNTkzMDk0MDY5GKrcGA&sigh=bAnMIan-DNo&uach_m=[UACH]&cid=CAQSGwDUE5ymuTinbl-tzZGju-E-yz71MT-DXIR1ZBgB&template_id=5028
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 585C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 585C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3136f4f25c2c5336704288233b9b741679092d0105f7f0003a45b9756e7f52b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 324D 63 KB
27 KB 49ms
49ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WD7RRDRJ81T9KQ82
age: 367935
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DuXYeb7yLSXc7zSRTkyODcUAnRWRZmy/VxfQLDxA2q5GgbGXRjHM6TAOFMPvqD68lUD6yR2Bo8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame 545F 221 KB
60 KB 160ms
112ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Mar 2023 17:10:33 GMT
age: 339655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Mar 2024 17:10:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 545F 15 KB
5 KB 232ms
184ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:56:40 GMT
age: 556488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:56:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 545F 94 KB
28 KB 238ms
190ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 03:37:38 GMT
age: 561230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 03:37:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 545F 5 KB
2 KB 241ms
194ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:47:59 GMT
age: 557009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:47:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 545F 40 KB
13 KB 242ms
203ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Mar 2023 18:09:06 GMT
age: 595342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Mar 2024 18:09:06 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 545F 295 B
353 B 62ms
47ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68794
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
DATA 200
OK truncated
/ Frame 545F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc398615b208b47acd0004724f73fae5762ca6de7b2ab235f8999594a35dc0a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17931026061895033262
tpc.googlesyndication.com/simgad/ Frame 545F 55 KB
55 KB 63ms
49ms Image
image/jpeg 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17931026061895033262?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmPTqPRAWftlHSbEehi4r_TNAgcvw

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d6b539f42e7e926907f2e9e779591c8e0dc65cc762c22f7d6264f61f05d2c5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:56:42 GMT
x-content-type-options: nosniff
age: 16486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55821
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:46:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 10:56:42 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 545F 2 KB
3 KB 101ms
88ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 07:53:30 GMT
x-content-type-options: nosniff
server: cafe
age: 27478
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 18 Mar 2023 07:53:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 545F 0
0 105ms
92ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CV0Ng0IcUZKzbBIK5mLAPvt-gqAbPyIDvbquRueSfEdvZHhABIMqc9yNg6eTJhdgaoAGHg7_3A8gBAuACAKgDAcgDCKoErQJP0IeYCJcflf9_ZZVoxz5nN7LMXoI2qUacgJJdgV0oUao_YNPX64FyS5W8QLfUzSZXGETis_mcZ9S_PYxm6nBrCUNp3ZsHBU63rlqmFn1N4w64N51jSnLIBdwdhECNvRRv6c093Cp7hSbH8GwS4i_oJAFaTyEyxqD88I4I0NdMqBljyXfEcI8CLMTrKrupakAXw-Si3s-XWo62gcJzN1w63bLW5cfd4vFZ1_-F2ccnii2Y4GCdlL8bwlGRmKhu9PdDL_idfydRNBFLc0kb7OO2JbHMo9w4TmO9YM83SbIoDTHcOkgvbegULJ1bw9tsGGgOOeNDfH5Rd7xmp7Zn5ZPerBTu7GNv18ndCUYHtFQ5Q0Vk17o5tdSPYaKM2aQLUuMLD_mOhhWXVzGv5MpJwASkwejAmATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHprv-hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC3jgPSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNTkwNTkzMjU5MzA5NDA2ORiq3Bg&sigh=m_CmsoamOJI&uach_m=[UACH]&cid=CAQSGwDUE5ymoRNJk_nnVtbpZ7pntKEGzZCOXDKz_hgB
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame A425 63 KB
27 KB 60ms
51ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WD7RRDRJ81T9KQ82
age: 367935
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DuXYeb7yLSXc7zSRTkyODcUAnRWRZmy/VxfQLDxA2q5GgbGXRjHM6TAOFMPvqD68lUD6yR2Bo8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 512A 63 KB
27 KB 72ms
67ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WD7RRDRJ81T9KQ82
age: 367935
x-amz-server-side-encryption: AES256
x-amz-id-2: 9DuXYeb7yLSXc7zSRTkyODcUAnRWRZmy/VxfQLDxA2q5GgbGXRjHM6TAOFMPvqD68lUD6yR2Bo8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame C21F 221 KB
60 KB 169ms
168ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Mar 2023 17:10:33 GMT
age: 339655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Mar 2024 17:10:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame C21F 15 KB
5 KB 172ms
168ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:56:40 GMT
age: 556488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:56:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame C21F 94 KB
28 KB 175ms
169ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 03:37:38 GMT
age: 561230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 03:37:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame C21F 5 KB
2 KB 183ms
178ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:47:59 GMT
age: 557009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:47:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame C21F 40 KB
13 KB 183ms
179ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Mar 2023 18:09:06 GMT
age: 595342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Mar 2024 18:09:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C21F 8 KB
968 B 79ms
76ms Stylesheet
text/css 142.250.184.202

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 14:05:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 15:31:28 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C21F 2 KB
2 KB 76ms
74ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 19:10:45 GMT
x-content-type-options: nosniff
server: cafe
age: 73243
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 17 Mar 2023 19:10:45 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C21F 295 B
353 B 77ms
75ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68794
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C21F 0
0 93ms
92ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwku20IcUZNmFC9CxlgS--724A8j_r8Bvg5_L9tYQ6bKYlY4OEAEgypz3I2Dp5MmF2BqgAaCqyukCyAEBqQJ_T1iDIPuoPuACAKgDAcgDCqoEoQJP0AkPie97xMLNNl3ABJoS8oTUZ7o8KG7xB3GUr_6v6qsrccf-gRDTn5SPvqeqt-IZ4yBJq0IqYGi3QiVFm3_Ar9D-VDTjyD5GTL4CpZ8Z8-aOPXdG56ryMNtgZsSkyYCKqN_ljo2KkFZkBvZUlAOg1H3ulNGMDmYVIBlLVf65oXBEEwJ8Fy7P0BNrOuXW8VqTvXM8hjfVa120ull9isfHNzRv2IE_4EtN6HzHt_YMayb803U7TasurK3G_0OBFv6X4002-KSMNVI1gCNs6_q9-NKPM6aSm-FFjMKrustfrpZ2cKCuJ4O-QlXV0ah4Bzso9cZ-pHNCqQ37T-aPW-elffZsnabknhJyjN_HDzXHPjSmcpKb_SIcENvmxt3ApV4pwASOpvGNiATgBAGSBQQIBBgBkgUECAUYBKAGZoAHyNW1lgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC3jgPSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwuIFAfQFQGAFwGyFx4KHAgAEhRwdWItNTkwNTkzMjU5MzA5NDA2ORiq3Bg&sigh=XQSJmWdbPLQ&uach_m=[UACH]&cid=CAQSGwDUE5ymMTfo-y7cXN7VWfWoBp8a4C52lJdBjxgB
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C21F 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C21F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cc052c759f667b605acc55b5e91826efc37c5947f68f76cfbda87dc116512dc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 324D 4 KB
2 KB 265ms
233ms Script
application/x-javascript 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 518ae6cb617cc155d3da327e86d5cdb06025b6194c5a11b1e997624f04609ef0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1708
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 324D 318 KB
107 KB 65ms
34ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1799
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 324D 565 B
660 B 63ms
32ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39179
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 324D 1 KB
1 KB 64ms
33ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
x-amz-version-id: null
age: 80697
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 585C 44 KB
44 KB 598ms
94ms Font
font/woff2 142.250.186.35

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s.yimg.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 143225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:44:24 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame EC3B 43 B
260 B 53ms
52ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=1&kq=1&lo=3&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17931026061895033262%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4qmPTqPRAWftlHSbEehi4r_TNAgcvw&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&cu=1679067086882&m=1955&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=564&lg=1&lh=350&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=346&cd=0&ah=346&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1883544166&cs=0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5D0 13 KB
5 KB 116ms
44ms Document
text/html 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8FD7 783 B
968 B 117ms
53ms Document
text/html 142.250.185.228

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

0b455faaa38265d2ff049ec9470af350dda818baa4a3e8f9b9e03c6350279517

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hl6RvVoHeDVtwBvvur8pYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hl6RvVoHeDVtwBvvur8pYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: Fri, 17 Mar 2023 15:31:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame C21F 28 KB
28 KB 429ms
45ms Font
font/woff2 142.250.186.35

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s.yimg.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 167158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C515 13 KB
5 KB 105ms
46ms Document
text/html 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F8BB 783 B
743 B 129ms
68ms Document
text/html 142.250.185.228

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

5dbbce5607a1b59337cf8926e9799aa143ad83ca74795bd8ea4df487a46adc7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MNVXMUf3GtnB3f4sxmNHkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-MNVXMUf3GtnB3f4sxmNHkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: Fri, 17 Mar 2023 15:31:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC4C 13 KB
5 KB 133ms
75ms Document
text/html 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F9A 783 B
742 B 129ms
70ms Document
text/html 142.250.185.228

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

3b8e7415842f1029a53ac6c9ba1cd6511c3d22b419a0154eb76311c51b13c9a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1EMdQZ2yReYAOSWxD9cEgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1EMdQZ2yReYAOSWxD9cEgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: Fri, 17 Mar 2023 15:31:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame A425 10 KB
4 KB 298ms
297ms Script
application/x-javascript 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC3|562354430&brxdSiteId=4451051&yadpos=LREC3&pos=ipemeafinancelrec3&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3659aeca6aca76cab7cbf7697533350ee802c2555be7f04455d506649a67b3e1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:29 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 1
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 4279
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame A425 318 KB
107 KB 47ms
46ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1799
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame A425 565 B
639 B 51ms
50ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 43200, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 39179
x-amz-request-id: KPNXB3V80ADW05F8
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
etag: "349bad1100a940608cb9109eb2b166a2"
report-to: {"group": "default", "max_age": 43200, "endpoints":[{"url": "https://report.edgecast.com/nel/v0?s=QlcUD0dUXhNXDlABC1NW", "priority": 1}, {"url": "https://nelcollector.sre.ecsvc.net/report", "priority": 2}]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame A425 1 KB
1 KB 52ms
52ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:28 GMT
x-amz-version-id: null
age: 80697
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 512A 10 KB
4 KB 202ms
192ms Script
application/x-javascript 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC4|562354434&brxdSiteId=4451051&yadpos=LREC4&pos=ipemeafinancelrec4&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 07843fc86000451c78df512185f14fd19ee5143bf2cb6d8a4d5c4efb33e5d7de

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:29 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 4277
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 512A 318 KB
107 KB 41ms
34ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1800
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 512A 565 B
662 B 38ms
32ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 43200, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 39180
x-amz-request-id: KPNXB3V80ADW05F8
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
etag: "349bad1100a940608cb9109eb2b166a2"
report-to: {"group": "default", "max_age": 43200, "endpoints":[{"url": "https://report.edgecast.com/nel/v0?s=QlcUD0dUXhNXDlABC1NW", "priority": 1}, {"url": "https://nelcollector.sre.ecsvc.net/report", "priority": 2}]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 512A 1 KB
1 KB 39ms
33ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
x-amz-version-id: null
age: 80698
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 p
geo.yahoo.com/ 43 B
435 B 74ms
74ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1183310220&pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=137%2C276%2C2763%2C0%2C0%2C0%2C0%2C140%2C43&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=6%2C11101939%2CLDRB%2C728x90%2C999999%2C999999%2C999999%2C0%2C0%2C2968%2C1%2C-1%2C26888735%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALDRB%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C4%2C1%2C4%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttps%253A%2F%2Frinehartfarm.com%2C%2C1%2C2%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C3110%2C3110%3B6%2C11101861%2CLREC%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C2930%2C1%2C100%2C26888708%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALREC%2C1%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C4%2C1%2C4%2C2%2C0%2C0%2C0%2C0%2C100%2C0%2C3%2Chttps%253A%2F%2Frinehartfarm.com%2C%2C1%2Ctrue%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C3076%2C3076%3B&D_res=%7B%22LDRB%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A866%2C%22st%22%3A859%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fservice.idsync.analytics.yahoo.com%2Fsp%2Fv0%2Fpixels%3FpixelIds%3D55940%2C58301%2C58294%2C55953%2C55936%2C58292%2C58160%2C55938%2C55859%2C58222%2C58309%2C47%26referrer%3Dfinance.yahoo.com%26limit%3D12%26us_privacy%3D%26js%3D1%26_origin%3D1%26gdpr%3D0%26euconsent%3D%22%2C%22dur%22%3A787%2C%22st%22%3A859%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fgeo.moatads.com%2Fn.js%3Fe%3D35%26qn%3D%25604%257BZEYwoqI%2524%255BK%252BdLLU)%252CMm~tM!90vv9L%2524%252FoDb%252Fz(lKm3GFlNUU%252Cu%255Bh_GcS%2525%255BHvLU%255B4(K%252B%257BgeFWl_%253DNqUXR%253A%253D%252BAxMn%253Ch%252CyenA8p%252FHm%2524%2560%25233P(ry5*ZRocMp1tq%255BN%257Bq%2560RP%253CG.ceFW%257CoG%2522mxT%253Bwv%2540V374BKm55%253D%25261fp%255BoU5t(K3%252BI%2524%253D!!t%2522lAk.JGfxECSR23_hFAkD%253Dv%253CN%255B.%2522%2524b_o%253FtVD%255D%255BpN%257CQF%2540Sy7%257B%252CNr1U*%2526ujMUU9%253C%2524kBjqI%26th%3D1219999633%26tf%3DnMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-%26vi%3D111111%26rc%3D1%252C1%252C0%252C3%252CChrome%2520PDF%2520Plugin*Chrome%2520PDF%2520Viewer*Native%2520Client%252C1%252C4%252C0%252Cprobably%252Cprobably%26os%3D%26qp%3D10000%26is%3DBBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB%26iv%3D8%26qt%3D0%26gz%3D0%26hh%3D0%26hn%3D0%26tw%3D%26qc%3D0%26qd%3D0%26qf%3D728%26qe%3D90%26qh%3D1600%26qg%3D1200%26qm%3D0%26qa%3D1600%26qb%3D1200%26qi%3D1600%26qj%3D1200%26to%3D000%26po%3D1-0020002000002120%26vy%3Dot%2524b%255Bh%2540%2522oD~T_Gr1%253E%253AB%2540NVt7%253BY%253EhyMmxNXJZPV8t6%253D%253Dh_GW3r4Aj!L%253E%252BbK0pH%2523H%26ql%3D%253B%255BpwxnRd%257Dt%253Aal9EU%2522y%252F.D%255B5%252F%255BGI%253Fi6%255EB61%252F%253DSqcMr1%257B%252CTu9LJJ(a.P%252B)s1(uA%26qo%3D0%26qr%3D0%26i%3DADTECHBRANDS1%26hp%3D1%26vb%3D-1%26cm%3D1%26kq%3D1%26hq%3D0%26hs%3D0%26hu%3D0%26hr%3D0%26ht%3D1%26dnt%3D0%26bq%3D0%26f%3D1%26nh%3D1%26j%3Dhttps%253A%252F%252Frinehartfarm.com%26lp%3Dhttps%253A%252F%252Frinehartfarm.com%26t%3D1679067086692%26de%3D542575223070%26m%3D0%26ar%3Dda8ed23e15-clean%26iw%3D7e8212f%26q%3D2%26cb%3D0%26ym%3D0%26cu%3D1679067086692%26ll%3D2%26lm%3D1%26ln%3D1%26r%3D0%26em%3D0%26en%3D0%26d%3D11100493%253A11101939%253A26888735%253A-%26zMoatBannerInfo%3D498041664%26zGSRC%3D1%26gu%3Dhttps%253A%252F%252Frinehartfarm.com%252F%26id%3D0%26ii%3D3%26zMoatS1%3D5113%26zMoatS2%3D374058%26zMoatS3%3D0%26zMoatS4%3D4830144%26zMoatAlias%3Dy402804%26zMoatMagicNum%3Dundefined%26gw%3Dadtechbrands092348fjlsmdhlwsl239fh3df%26fd%3D1%26ac%3D1%26it%3D500%26ti%3D0%26ih%3D1%26pe%3D0%253A-%253A-%253A0%253A0%26fs%3D182630%26na%3D846140539%26cs%3D0%26callback%3DDOMlessLLDcallback_6885180%22%2C%22dur%22%3A578%2C%22st%22%3A1818%2C%22ssl%22%3A71%2C%22dns%22%3A0%2C%22conn%22%3A165.4%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fapx.moatads.com%2Fpixel.gif%3Fe%3D17%26i%3DADTECHBRANDS1%26hp%3D1%26vb%3D-1%26cm%3D1%26kq%3D1%26hq%3D0%26hs%3D0%26hu%3D0%26hr%3D0%26ht%3D1%26dnt%3D0%26bq%3D0%26f%3D1%26nh%3D1%26j%3Dhttps%253A%252F%252Frinehartfarm.com%26lp%3Dhttps%253A%252F%252Frinehartfarm.com%26t%3D1679067086692%26de%3D542575223070%26m%3D0%26ar%3Dda8ed23e15-clean%26iw%3D7e8212f%26q%3D3%26cb%3D0%26ym%3D0%26cu%3D1679067086692%26ll%3D2%26lm%3D1%26ln%3D1%26r%3D0%26em%3D0%26en%3D0%26d%3D11100493%253A11101939%253A26888735%253A-%26zMoatBannerInfo%3D498041664%26zGSRC%3D1%26gu%3Dhttps%253A%252F%252Frinehartfarm.com%252F%26id%3D0%26ii%3D3%26zMoatS1%3D5113%26zMoatS2%3D374058%26zMoatS3%3D0%26zMoatS4%3D4830144%26zMoatAlias%3Dy402804%26zMoatMagicNum%3Dundefined%26gw%3Dadtechbrands092348fjlsmdhlwsl239fh3df%26fd%3D1%26ac%3D1%26it%3D500%26ti%3D0%26ih%3D1%26pe%3D0%253A-%253A-%253A0%253A0%26fs%3D182630%26na%3D385460084%26cs%3D0%22%2C%22dur%22%3A502%2C%22st%22%3A1852%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLDRB%7C562354419%26brxdSiteId%3D4451051%26yadpos%3DLDRB%26pos%3Dipemeafinanceldrb%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D728%26ht%3D90%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A476%2C%22st%22%3A381%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22first-paint%22%3A3110%2C%22first-contentful-paint%22%3A3110%7D%5D%2C%22LREC%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A869%2C%22st%22%3A842%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fservice.idsync.analytics.yahoo.com%2Fsp%2Fv0%2Fpixels%3FpixelIds%3D58292%2C55939%2C55938%2C55859%2C47%2C58309%2C58294%2C55936%2C58683%2C55964%2C55953%2C58301%26referrer%3Dfinance.yahoo.com%26limit%3D12%26us_privacy%3D%26js%3D1%26_origin%3D1%26gdpr%3D0%26euconsent%3D%22%2C%22dur%22%3A776%2C%22st%22%3A843%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fgeo.moatads.com%2Fn.js%3Fe%3D35%26qn%3D%25604%257BZEYwoqI%2524%255BK%252BdLLU)%252CMm~tM!90vv9L%2524%252FoDb%252Fz(lKm3GFlNUU%252Cu%255Bh_GcS%2525%255BHvLU%255B4(K%252B%257BgeFWl_%253DNqUXR%253A%253D%252BAxMn%253Ch%252CyenA8p%252FHm%2524%2560%25233P(ry5*ZRocMp1tq%255BN%257Bq%2560RP%253CG.ceFW%257CoG%2522mxT%253Bwv%2540V374BKm55%253D%25261fp%255BoU5t(K3%252BI%2524%253D!!t%2522lAk.JGfxECSR23_hFAkD%253Dv%253CN%255B.%2522%2524b_o%253FtVD%255D%255BpN%257CQF%2540Sy7%257B%252CNr1U*%2526ujMUU9%253C%2524kBjqI%26th%3D1219999633%26tf%3DnMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-%26vi%3D111111%26rc%3D1%252C1%252C0%252C3%252CChrome%2520PDF%2520Plugin*Chrome%2520PDF%2520Viewer*Native%2520Client%252C1%252C4%252C0%252Cprobably%252Cprobably%26os%3D%26qp%3D10000%26is%3DBBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB%26iv%3D8%26qt%3D0%26gz%3D0%26hh%3D0%26hn%3D0%26tw%3D%26qc%3D0%26qd%3D0%26qf%3D300%26qe%3D250%26qh%3D1600%26qg%3D1200%26qm%3D0%26qa%3D1600%26qb%3D1200%26qi%3D1600%26qj%3D1200%26to%3D000%26po%3D1-0020002000002120%26vy%3Dot%2524b%255Bh%2540%2522oD~T_Gr1%253E%253AB%2540NVt7%253BY%253EhyMmxNXJZPV8t6%253D%253Dh_GW3r4Aj!L%253E%252BbK0pH%2523H%26ql%3D%253B%255BpwxnRd%257Dt%253Aal9EU%2522y%252F.D%255B5%252F%255BGI%253Fi6%255EB61%252F%253DSqcMr1%257B%252CTu9LJJ(a.P%252B)s1(uA%26qo%3D0%26qr%3D0%26i%3DADTECHBRANDS1%26hp%3D1%26vb%3D-1%26cm%3D1%26kq%3D1%26hq%3D0%26hs%3D0%26hu%3D0%26hr%3D0%26ht%3D1%26dnt%3D0%26bq%3D0%26f%3D1%26nh%3D1%26j%3Dhttps%253A%252F%252Frinehartfarm.com%26lp%3Dhttps%253A%252F%252Frinehartfarm.com%26t%3D1679067086882%26de%3D241805498985%26m%3D0%26ar%3Dda8ed23e15-clean%26iw%3D7e8212f%26q%3D2%26cb%3D0%26ym%3D0%26cu%3D1679067086882%26ll%3D2%26lm%3D1%26ln%3D1%26r%3D0%26em%3D0%26en%3D0%26d%3D11100493%253A11101861%253A26888708%253A-%26zMoatBannerInfo%3D498041666%26zGSRC%3D1%26gu%3Dhttps%253A%252F%252Frinehartfarm.com%252F%26id%3D0%26ii%3D3%26zMoatS1%3D5113%26zMoatS2%3D374058%26zMoatS3%3D0%26zMoatS4%3D4830165%26zMoatAlias%3Dy402806%26zMoatMagicNum%3Dundefined%26gw%3Dadtechbrands092348fjlsmdhlwsl239fh3df%26fd%3D1%26ac%3D1%26it%3D500%26ti%3D0%26ih%3D1%26pe%3D0%253A-%253A-%253A0%253A0%26fs%3D182630%26na%3D1236964653%26cs%3D0%26callback%3DDOMlessLLDcallback_29567738%22%2C%22dur%22%3A453%2C%22st%22%3A1909%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLREC%7C562354423%26brxdSiteId%3D4451051%26yadpos%3DLREC%26pos%3Dipemeafinancelrec%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D300%26ht%3D250%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A436%2C%22st%22%3A402%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fapx.moatads.com%2Fpixel.gif%3Fe%3D17%26i%3DADTECHBRANDS1%26hp%3D1%26vb%3D-1%26cm%3D1%26kq%3D1%26hq%3D0%26hs%3D0%26hu%3D0%26hr%3D0%26ht%3D1%26dnt%3D0%26bq%3D0%26f%3D1%26nh%3D1%26j%3Dhttps%253A%252F%252Frinehartfarm.com%26lp%3Dhttps%253A%252F%252Frinehartfarm.com%26t%3D1679067086882%26de%3D241805498985%26m%3D0%26ar%3Dda8ed23e15-clean%26iw%3D7e8212f%26q%3D3%26cb%3D0%26ym%3D0%26cu%3D1679067086882%26ll%3D2%26lm%3D1%26ln%3D1%26r%3D0%26em%3D0%26en%3D0%26d%3D11100493%253A11101861%253A26888708%253A-%26zMoatBannerInfo%3D498041666%26zGSRC%3D1%26gu%3Dhttps%253A%252F%252Frinehartfarm.com%252F%26id%3D0%26ii%3D3%26zMoatS1%3D5113%26zMoatS2%3D374058%26zMoatS3%3D0%26zMoatS4%3D4830165%26zMoatAlias%3Dy402806%26zMoatMagicNum%3Dundefined%26gw%3Dadtechbrands092348fjlsmdhlwsl239fh3df%26fd%3D1%26ac%3D1%26it%3D500%26ti%3D0%26ih%3D1%26pe%3D0%253A-%253A-%253A0%253A0%26fs%3D182630%26na%3D1687334164%26cs%3D0%22%2C%22dur%22%3A397%2C%22st%22%3A1917%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22first-paint%22%3A3076%2C%22first-contentful-paint%22%3A3076%7D%5D%7D&t=1679067089045

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:29 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 pixel.gif
apx.moatads.com/ Frame EC3B 43 B
260 B 51ms
51ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=37&q=0&hp=1&vb=1&kq=1&lo=3&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&cu=1679067086882&m=2239&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=564&lg=1&lh=350&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=139&cn=0&gk=139&gl=0&ik=139&ic=139&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=372&cd=346&ah=372&am=346&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1788500291&cs=0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:29 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 585C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

165ms
58ms

Image
text/html

142.250.184.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Server: 142.250.184.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 15:31:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 545F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

99ms
66ms

Image
text/html

142.250.184.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Server: 142.250.184.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 15:31:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 17931026061895033262
tpc.googlesyndication.com/simgad/ Frame 545F 55 KB
55 KB 63ms
61ms Image
image/jpeg 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17931026061895033262?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmPTqPRAWftlHSbEehi4r_TNAgcvw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d6b539f42e7e926907f2e9e779591c8e0dc65cc762c22f7d6264f61f05d2c5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:56:42 GMT
x-content-type-options: nosniff
age: 16487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55821
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:46:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 10:56:42 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 545F 2 KB
2 KB 48ms
46ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 07:53:30 GMT
x-content-type-options: nosniff
server: cafe
age: 27479
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 18 Mar 2023 07:53:30 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 545F 295 B
319 B 51ms
49ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68795
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C21F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

115ms
73ms

Image
text/html

142.250.184.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Server: 142.250.184.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 15:31:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C21F 295 B
319 B 76ms
74ms Image
image/png 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68795
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 324D 79 KB
27 KB 112ms
100ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

5c91e5a423b545e6cf71afe04e0888d05dbf73753666f25e1af5bc31ba8839ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27475
x-xss-protection: 0
server: sffe
etag: "1513 / 738 of 1000 / last-modified: 1679051457"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:31:29 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 324D 19 B
67 B 61ms
49ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,58309,57630&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 324D 43 B
70 B 85ms
84ms Image
image/gif 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926551&grp=%3F%3F%3F&nl=1679067088973&rts=1679067088810&pix=1&et=1&a=3f07deab7f6341e7a33ae447d8fa9723&m=aXAtMTAtMjItMTIxLTI0NA..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7MTJiZjVkY2VkNWZkNDFmN2E1MGUxZjZhN2RkNjliOTE7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTU7OzE7MTs.&uid=y-LtbzQPhE2rO.p6MUy71p0eC4YFCt2zxvESQvNO0eN.A.%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 324D 69 KB
16 KB 79ms
78ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: R93NYTQJHP6Z4902
age: 6829
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: yXnqdLO6DRB/BQlg5BYxYqfN0He3tDNZpowJaNfl3kxZz1E9zkQ3DapYMQ49bnfRQSGcvDjm58Aur0Xk4MN9rg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/ Frame A425 275 KB
93 KB 201ms
59ms Script
text/javascript 108.138.17.95

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.95 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7480b81e8c1e4d927a3bafca51a4c7d2e82281fbcb6c89fd8f926b9375622753

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:11:16 GMT
x-amz-version-id: 2DpTA6KVRaoJspGxxPkGfJrZQkUpgLEX
content-encoding: br
last-modified: Fri, 17 Mar 2023 14:53:28 GMT
server: AmazonS3
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"9ca2d820bae9a0a145916a9e63b20ab2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1214
x-amz-cf-id: LH7WKUX9DBZb50U6WFH8tu7sBwQwOuVovHYWkkmY0RbTxbd80e6g0w==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/ Frame 512A 275 KB
93 KB 127ms
126ms Script
text/javascript 108.138.17.95

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.95 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7480b81e8c1e4d927a3bafca51a4c7d2e82281fbcb6c89fd8f926b9375622753

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:11:16 GMT
x-amz-version-id: 2DpTA6KVRaoJspGxxPkGfJrZQkUpgLEX
content-encoding: br
last-modified: Fri, 17 Mar 2023 14:53:28 GMT
server: AmazonS3
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"9ca2d820bae9a0a145916a9e63b20ab2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1214
x-amz-cf-id: Pm0MU18HB4Y9zppQkLypXocyvrCQJpPSBIxf1n1dZYg8PH1lBX0yeQ==

POST
H2 200 init
gw.geoedge.be/api/ Frame A425 0
216 B 318ms
144ms XHR
text/plain 52.222.213.56

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.213.56 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 17 Mar 2023 15:31:30 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: K3PmNuoH_1itjnA_Ysmj2ZRc1efsHqyjdMkTotQhEcm9vnnqMOOkvA==
x-cache: Miss from cloudfront

GET
H2 200 adEvent.do Show response
prod-m-node-3111.ssp.advertising.com/admax/ Frame A425 43 B
236 B 213ms
46ms XHR
image/gif 35.157.25.58

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-3111.ssp.advertising.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926536&grp=%3F%3F%3F&nl=1679067089238&rts=1679067088998&pix=1&et=1&a=965a028e95df45cba7a1efb9b0c0d2ad&m=aXAtMTAtMjItMTAxLTg5&p=MC4wMDAyNTk&b=MTI4MTA7cHVibWF0aWM7Y2xvdWR0ZWNobm9sb2dpZXMucGw7Ozs7MmVkYjNjZWVjZTFmNDI1YWE2YmI4OTFkZjRiNDJlOTI7MTEzNzU3OzE2NzkwNjM1NTk7OzAuMDAwMjU5OzswOzsxMTY5ZXU7NWMzZjc3YWMwNjRkM2Y3YTc4YWMwMTk4ZDQxNjdkNGFjMDhjNzhmZDsxOzE7&uid=y-LtbzQPhE2rO.p6MUy71p0eC4YFCt2zxvESQvNO0eN.A.%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=2&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=2
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.25.58 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: nginx
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://s.yimg.com
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK 28e51844-ef5b-4080-96e4-487cd7745866.html
adserver-eu.dsp.onprospects.com/data/c/html/ Frame 0377 850 B
1020 B 250ms
103ms Document
text/html 141.94.240.141

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_p=0.37
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.240.141 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-type: text/html
date: Fri, 17 Mar 2023 15:31:29 GMT
server: envoy
transfer-encoding: chunked
x-envoy-upstream-service-time: 0

GET
H2 200 showad.js
ads.pubmatic.com/AdServer/js/ Frame 72CF 38 KB
14 KB 238ms
96ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=139458
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: Sun, 19 Mar 2023 06:15:47 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame CAAA 0
91 B 226ms
88ms Document
text/plain 185.64.189.221

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=162347&siteId=991256&adId=4672379&imprId=6E5C8D7F-BB21-42CE-A428-814E3844E39C&cksum=6D76C7B370E3AA39&adType=10&adServerId=243&kefact=0.259000&kaxefact=0.259000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1679067089&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.370000&dcId=3&tldId=0&passback=0&svr=BID23232&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=0YcUZAqzAADvW7sU9PiHXu4muFDH_VwGClEM5rH-cbqI_3tq&ekaxefact=0YcUZBSzAAC5MFNstCPp-BP2w5_QEwmsx778WWbDEx0hu0kC&ekpbmtpfact=0YcUZByzAACNkCO7atSt8xyKDxdhFrU2eGatxDpZlyflR9eK&enpp=0YcUZCSzAACKCwSoxHCWdjHX1GbydBqJcr-mwm-0Q0bVAVy5&pfi=1&domId=12164250932016601703&dc=lhr19&crID=1169eu&lpu=cloudtechnologies.pl&ucrid=8016777352668248110&campaignId=22966&creativeId=0&pctr=0.000000&wDSPByrId=ct&wDspId=409&wbId=0&wrId=0&wAdvID=400561&isRTB=1&rtbId=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8&ver=6&dateHr=2023031715&oid=6E5C8D7F-BB21-42CE-A428-814E3844E39C&cntryId=180&sec=1&pAuSt=2&wops=0&sURL=finance.yahoo.com&BrID=5&oiabdvt=2
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: 0
pragma: no-cache

GET
H2 200 pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame A425 19 B
44 B 56ms
50ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame A425 129 KB
32 KB 108ms
103ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9HNHV4ZAS096AT5E
age: 1141
x-amz-server-side-encryption: AES256
x-amz-id-2: D1AI2KY59jd7K2KvjmNLd2waeR4Gi9GohGRbHKCfxhEvTAPun502wbVz2QOeRvnJxKQEjFQGJDsK6xwxPhtqMA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 talon-1.0.40.js
cdn.js7k.com/ix/ Frame A425 69 KB
16 KB 53ms
48ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: R93NYTQJHP6Z4902
age: 6829
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: yXnqdLO6DRB/BQlg5BYxYqfN0He3tDNZpowJaNfl3kxZz1E9zkQ3DapYMQ49bnfRQSGcvDjm58Aur0Xk4MN9rg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H3 200 pubads_impl_2023031501.js
securepubads.g.doubleclick.net/gpt/ Frame 324D 397 KB
134 KB 57ms
54ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136785
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 08:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 11:03:55 GMT

POST
H2 200 init
gw.geoedge.be/api/ Frame 512A 0
215 B 182ms
148ms XHR
text/plain 52.222.213.56

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.213.56 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 17 Mar 2023 15:31:30 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: LSs8q26MSuV4b1XrICFivwI0D7v2El3qqz9fBHsN2Q2glpHchb0O6Q==
x-cache: Miss from cloudfront

GET
H2 200 adEvent.do
prod-m-node-3111.ssp.advertising.com/admax/ Frame 512A 43 B
237 B 78ms
45ms XHR
image/gif 35.157.25.58

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-3111.ssp.advertising.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926539&grp=%3F%3F%3F&nl=1679067089196&rts=1679067089067&pix=1&et=1&a=8723b34a4e344afca2f5926d2d19b695&m=aXAtMTAtMjItMTExLTEwMA..&p=MC4wMDAyNzM&b=MTI4MTA7cHVibWF0aWM7Y2xvdWR0ZWNobm9sb2dpZXMucGw7Ozs7NmZlMDZkM2FmMWViNGJiNmIyNzM3MWUyZTg5NjEzMjU7MTEzNzU3OzE2NzkwNjM1NTk7OzAuMDAwMjczOzswOzsxMTY5ZXU7NWMzZjc3YWMwNjRkM2Y3YTc4YWMwMTk4ZDQxNjdkNGFjMDhjNzhmZDsxOzE7&uid=y-LtbzQPhE2rO.p6MUy71p0eC4YFCt2zxvESQvNO0eN.A.%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=2&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=2
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.25.58 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: nginx
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://s.yimg.com
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK 28e51844-ef5b-4080-96e4-487cd7745866.html
adserver-eu.dsp.onprospects.com/data/c/html/ Frame 19F7 850 B
1020 B 250ms
56ms Document
text/html 141.94.240.141

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_p=0.39
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.240.141 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-type: text/html
date: Fri, 17 Mar 2023 15:31:30 GMT
server: envoy
transfer-encoding: chunked
x-envoy-upstream-service-time: 0

GET
H2 200 showad.js
ads.pubmatic.com/AdServer/js/ Frame 9C2E 38 KB
14 KB 72ms
51ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=139458
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: Sun, 19 Mar 2023 06:15:47 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame BEC5 0
49 B 134ms
99ms Document
text/plain 185.64.189.221

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=162347&siteId=991256&adId=4672379&imprId=7F61277A-0BA6-4285-BE79-CFAE0F0A6AFC&cksum=48C222267EA0541B&adType=10&adServerId=243&kefact=0.273000&kaxefact=0.273000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1679067089&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.390000&dcId=3&tldId=0&passback=0&svr=BID22454U&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=0YcUZPvpAQBU6jw3bzfFy7LSQ9SdMREDOhOgCYghDc3ndWya&ekaxefact=0YcUZAbqAQDEGoFOH6iF1S4roy_VEFElL6u29DdFktWdEfjB&ekpbmtpfact=0YcUZA_qAQDLJUyWoFSso6Dizwv4q1IKmOOaiJ0RTwaHrwrV&enpp=0YcUZBnqAQAxZuw-yX-muxRtVNWEjmv4Tv1y5N1U0lxj2Hjd&pfi=1&domId=12164250932016601703&dc=AMS&crID=1169eu&lpu=cloudtechnologies.pl&ucrid=8016777352668248110&campaignId=22966&creativeId=0&pctr=0.000000&wDSPByrId=ct&wDspId=409&wbId=0&wrId=0&wAdvID=400561&isRTB=1&rtbId=E9592211-4840-48C6-B2EA-0B9611141588&ver=9&dateHr=2023031715&oid=7F61277A-0BA6-4285-BE79-CFAE0F0A6AFC&cntryId=180&sec=1&pAuSt=2&wops=0&sURL=finance.yahoo.com&BrID=5&oiabdvt=2
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 17 Mar 2023 15:31:29 GMT
expires: 0
pragma: no-cache

GET
H2 200 pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 512A 19 B
44 B 71ms
52ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,55939,47&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 512A 129 KB
32 KB 102ms
87ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9HNHV4ZAS096AT5E
age: 1141
x-amz-server-side-encryption: AES256
x-amz-id-2: D1AI2KY59jd7K2KvjmNLd2waeR4Gi9GohGRbHKCfxhEvTAPun502wbVz2QOeRvnJxKQEjFQGJDsK6xwxPhtqMA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 talon-1.0.40.js
cdn.js7k.com/ix/ Frame 512A 69 KB
16 KB 63ms
48ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: R93NYTQJHP6Z4902
age: 6829
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: yXnqdLO6DRB/BQlg5BYxYqfN0He3tDNZpowJaNfl3kxZz1E9zkQ3DapYMQ49bnfRQSGcvDjm58Aur0Xk4MN9rg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 n.js
geo.moatads.com/ Frame 324D 84 B
256 B 72ms
71ms Script
text/html 54.154.227.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067089948&de=889676461577&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067089948&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101985%3A26888736%3A-&zMoatBannerInfo=498041662&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=460971406&cs=0&callback=DOMlessLLDcallback_77846430
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "2eb36a1a490bd8a13e8df6c339568c2a62704681"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 324D 43 B
260 B 56ms
55ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067089948&de=889676461577&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067089948&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101985%3A26888736%3A-&zMoatBannerInfo=498041662&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=770629217&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:30 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js
pagead2.googlesyndication.com/bg/ Frame E5D0 36 KB
14 KB 143ms
44ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js
pagead2.googlesyndication.com/bg/ Frame C515 36 KB
14 KB 139ms
52ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H/1.1 200
OK 9b1bc66d-279f-4add-93bf-e00ca25cbc65.png
adserver-eu.dsp.onprospects.com/data/b/png/ Frame 0377 14 KB
14 KB 123ms
123ms Image
image/png 141.94.240.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver-eu.dsp.onprospects.com/data/b/png/9b1bc66d-279f-4add-93bf-e00ca25cbc65.png
Requested by: Host: adserver-eu.dsp.onprospects.com
URL: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_p=0.37
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.240.141 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_p=0.37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
last-modified: Wed, 14 Dec 2022 16:58:20 GMT
server: envoy
etag: "639a00ac-361f"
content-type: image/png
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 13855

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0377
Redirect Chain

https://pixel-eu.onprospects.com/?attribute=137105152&type=STRING&value=1169&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.37
https://pixel-eu.onaudience.com/?attribute=137105152&type=STRING&value=1169&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.37&onp
https://spl.zeotap.com/?zdid=1332&zcluid=32d1cdf238b15153
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0cb42c1f-def1-4f5b-7d74-e43ff9c7886d&reqId=2ba234c5-8293-4336-42a1-232ff74cd4c9&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEI7OWTz-2lb28MWK1VlgF9g&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0cb42c1f-def1-4f5b-7d74-e43ff9c7886d&reqId=2ba234c5-8293-4336-42a1-232...

95 B
163 B

100ms
79ms

Image
image/png

172.67.13.182

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEI7OWTz-2lb28MWK1VlgF9g&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0cb42c1f-def1-4f5b-7d74-e43ff9c7886d&reqId=2ba234c5-8293-4336-42a1-232ff74cd4c9&zcluid=32d1cdf238b15153&zdid=1332
Requested by: Host: adserver-eu.dsp.onprospects.com
URL: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=BB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1&b_p=0.37
Protocol: H2
Server: 172.67.13.182 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://adserver-eu.dsp.onprospects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://adserver-eu.dsp.onprospects.com
access-control-allow-credentials: true
cf-ray: 7a96488b19b23566-WAW
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEI7OWTz-2lb28MWK1VlgF9g&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0cb42c1f-def1-4f5b-7d74-e43ff9c7886d&reqId=2ba234c5-8293-4336-42a1-232ff74cd4c9&zcluid=32d1cdf238b15153&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame EC3B 43 B
260 B 69ms
64ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=37&q=1&hp=1&vb=1&kq=1&lo=3&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&cu=1679067086882&m=3415&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=564&lg=1&lh=350&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=1316&cn=139&gn=1&gk=1316&gl=139&ik=1316&ic=1316&ez=1&co=1316&cp=1468&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1468&cd=372&ah=1468&am=372&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1034902164&cs=0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:30 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js
pagead2.googlesyndication.com/bg/ Frame FC4C 36 KB
14 KB 49ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H/1.1 200
OK 9b1bc66d-279f-4add-93bf-e00ca25cbc65.png
adserver-eu.dsp.onprospects.com/data/b/png/ Frame 19F7 14 KB
14 KB 108ms
107ms Image
image/png 141.94.240.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver-eu.dsp.onprospects.com/data/b/png/9b1bc66d-279f-4add-93bf-e00ca25cbc65.png
Requested by: Host: adserver-eu.dsp.onprospects.com
URL: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_p=0.39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.240.141 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_p=0.39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
last-modified: Wed, 14 Dec 2022 16:58:20 GMT
server: envoy
etag: "639a00ac-361f"
content-type: image/png
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 13855

GET
H/1.1

200
OK

pixel
ps.eyeota.net/ Frame 19F7
Redirect Chain

https://pixel-eu.onprospects.com/?attribute=137105152&type=STRING&value=1169&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.39
https://pixel-eu.onaudience.com/?attribute=137105152&type=STRING&value=1169&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_a=imp&b_s=pubmatic-cortb-bidder-eu&b_p=0.39&onp
https://pixel-eu.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=10d2bcfb5e87f870

0
344 B

272ms
65ms

Image
text/plain

18.184.216.10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=10d2bcfb5e87f870
Requested by: Host: adserver-eu.dsp.onprospects.com
URL: https://adserver-eu.dsp.onprospects.com/data/c/html/28e51844-ef5b-4080-96e4-487cd7745866.html?rg=eu&s=pubmatic-cortb-bidder-eu&b_i=E9592211-4840-48C6-B2EA-0B9611141588_1&b_p=0.39
Protocol: HTTP/1.1
Server: 18.184.216.10 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://adserver-eu.dsp.onprospects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:31:31 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=10d2bcfb5e87f870
content-length: 0

GET
H2 200 n.js
geo.moatads.com/ Frame A425 84 B
256 B 72ms
71ms Script
text/html 54.154.227.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067090518&de=155525286603&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067090518&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101812%3A26888710%3A-&zMoatBannerInfo=498041670&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1858560591&cs=0&callback=DOMlessLLDcallback_32020339
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "ae9fce85831e7ccd26830765e2004553b755ed2f"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame A425 43 B
260 B 68ms
67ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067090518&de=155525286603&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067090518&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101812%3A26888710%3A-&zMoatBannerInfo=498041670&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=30414122&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:30 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame EC3B 43 B
260 B 65ms
64ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=5&q=0&hp=1&vb=1&kq=1&lo=3&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&cu=1679067086882&m=3415&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=564&lg=1&lh=350&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=1316&cn=1316&gn=1&gk=1316&gl=1316&ik=1316&ic=1316&ez=1&co=1316&cp=1468&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1468&cd=1468&ah=1468&am=1468&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=768255723&cs=0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:30 GMT

GET
H2 200 integrator.js
adservice.google.pl/adsid/ Frame 324D 107 B
165 B 54ms
52ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js
adservice.google.com/adsid/ Frame 324D 107 B
122 B 54ms
54ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 324D 20 KB
9 KB 381ms
380ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2476644256891189&correlator=1961938743322751&eid=31072878%2C31073113%2C31073178&output=ldjh&gdfp_req=1&vrg=2023031501&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=898141993&sfv=1-0-40&prev_scp=ADPOSITION%3DLDRB2%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067090819&dlt=1679067088333&idt=2111&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=727&ish=89&scr_x=-12245933&scr_y=-12245933&ucis=kvwkty6lewmp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=rinehartfarm.com&frm=24&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=920963022.1679067091&ga_sid=1679067091&ga_hid=1066278432&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8987
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 324D 15 KB
11 KB 92ms
91ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11377
x-xss-protection: 0

GET
H2 200 container.html
635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDAA 6 KB
3 KB 71ms
51ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:31 GMT
expires: Sat, 16 Mar 2024 15:31:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 n.js
geo.moatads.com/ Frame 512A 84 B
256 B 71ms
70ms Script
text/html 54.154.227.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067090878&de=607163940523&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067090878&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101914%3A26888711%3A-&zMoatBannerInfo=498041672&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1325296624&cs=0&callback=DOMlessLLDcallback_91977921
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.227.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-195.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:31 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "19554eff3f9fbae191c41afe7a94c9f9001fabb2"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 512A 43 B
260 B 51ms
50ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067090878&de=607163940523&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067090878&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101914%3A26888711%3A-&zMoatBannerInfo=498041672&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1141524203&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 545F 42 B
64 B 83ms
83ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwnZXfNrcazOWHweztBxfVh4w88znPtEfyoiUh9grCI5y9J0-GWmqDVRvtGFIh-aXgoAhLfklcVdZwDJh-WxR_t9WoXePfEkUBiL2lCf8GLLJjls7qnDCfbbTPLC0CaZLe1to&sai=AMfl-YQo43bn8Gz0TnW2tKmYeQ2Gz-yEzYhPj7XW25evWxLKqdtHF5RmrpvTwXwZ0-TR5XWx1tNOzV_mBgbW&sig=Cg0ArKJSzGlghFho-eplEAE&cid=CAQSGwDUE5ymoRNJk_nnVtbpZ7pntKEGzZCOXDKz_hgB&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1122&mtos=0,0,1122,1122,1122&tos=0,0,1122,0,0&tfs=1138&tls=2260&g=100&h=100&tt=2260&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame A425 43 B
260 B 66ms
66ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fadserver-eu.dsp.onprospects.com%2Fdata%2Fc%2Fhtml%2F28e51844-ef5b-4080-96e4-487cd7745866.html%3Frg%3Deu%26s%3Dpubmatic-cortb-bidder-eu%26b_i%3DBB594B9A-2F24-4C2E-AF46-A54AFB38BAF8_1%26b_p%3D0.37&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067090518&de=155525286603&cu=1679067090518&m=114&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=93&cd=0&ah=93&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101812%3A26888710%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041670&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1787164321&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame EC3B 43 B
260 B 52ms
51ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=37&q=2&hp=1&vb=1&kq=1&lo=3&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067086882&de=241805498985&cu=1679067086882&m=3416&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=564&lg=1&lh=350&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=1316&cn=1316&gn=1&gk=1316&gl=1316&ik=1316&ic=1316&ez=1&co=1316&cp=1468&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1468&cd=1468&ah=1468&am=1468&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=620584142&cs=0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C21F 42 B
64 B 97ms
82ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcpFkGLqJzV9rHkxNsct6jKFr-dlBGJwgIO8XwI_4xXjoj4k0GCH7_A9uRJa47lm5MBVRJ85euVsHu1lSTJH-qDfa5z0wEaSio7JUYrm6NAklx1Xzs055DwJmZhy1xQT2AEqo&sai=AMfl-YReiEfc8ordWkzzJIMoq5tn4f4fSeemG_XDHKg3wqgxQjFMav1Kuq9CVW3UhAMb3MiUzMqNUJ5THGpS&sig=Cg0ArKJSzO-wupqd_wgaEAE&cid=CAQSGwDUE5ymMTfo-y7cXN7VWfWoBp8a4C52lJdBjxgB&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1351&mtos=0,0,1351,1351,1351&tos=0,0,1351,0,0&tfs=1128&tls=2479&g=100&h=100&tt=2479&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 512A 43 B
260 B 57ms
56ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fadserver-eu.dsp.onprospects.com%2Fdata%2Fc%2Fhtml%2F28e51844-ef5b-4080-96e4-487cd7745866.html%3Frg%3Deu%26s%3Dpubmatic-cortb-bidder-eu%26b_i%3DE9592211-4840-48C6-B2EA-0B9611141588_1%26b_p%3D0.39&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067090878&de=607163940523&cu=1679067090878&m=148&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=127&cd=0&ah=127&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101914%3A26888711%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041672&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=816649780&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H2 200 container.html
635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA0E 6 KB
3 KB 52ms
52ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:31 GMT
expires: Sat, 16 Mar 2024 15:31:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ Frame 324D 17 KB
6 KB 68ms
68ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame F8EF 645 B
321 B 107ms
96ms Document
text/html 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNXAIN7E2SYO_mz0u3XVTAKF8p9S6QBRWtsfjrsLzsWIWTcP8iN87qwRrXVz7olLPn0kFl4te-cUqf2oaCNVp56_Qh_qpt82T-_rLyoefyIG2SKrIOA

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FA0E 78 KB
27 KB 173ms
168ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA0E 42 B
63 B 101ms
96ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DS_EW2xXMAJDtJxa7Mz6ARbYGuwdxa4qMX-WV36sx5CpLXTfu7RSr5k4ucKgFEL-MZZeWmZBTffyWadnWsVX_NoaymRSWM7jQVMzcxxUJfB3tsAi4

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA0E 0
20 B 127ms
121ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3368932148899150639&x=1&ct=77

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame FA0E 3 KB
1 KB 57ms
52ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:55 GMT

GET
H3 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame FA0E 20 KB
8 KB 58ms
53ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA0E 158 KB
49 KB 246ms
94ms Script
text/javascript 142.250.185.130

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:31:31 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F61E 13 KB
5 KB 66ms
62ms Document
text/html 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame E733 783 B
762 B 122ms
67ms Document
text/html 142.250.185.228

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nZcGYdtwUlodnQahwk6Muw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-nZcGYdtwUlodnQahwk6Muw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:31:31 GMT
expires: Fri, 17 Mar 2023 15:31:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&C=1

43 B
632 B

58ms
58ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNXAIN7E2SYO_mz0u3XVTAKF8p9S6QBRWtsfjrsLzsWIWTcP8iN87qwRrXVz7olLPn0kFl4te-cUqf2oaCNVp56_Qh_qpt82T-_rLyoefyIG2SKrIOA
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBSH0.Skfvy-K5F6LjIbdQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&google_hm=2

43 B
632 B

58ms
57ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNXAIN7E2SYO_mz0u3XVTAKF8p9S6QBRWtsfjrsLzsWIWTcP8iN87qwRrXVz7olLPn0kFl4te-cUqf2oaCNVp56_Qh_qpt82T-_rLyoefyIG2SKrIOA
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBerf7q4nHJEFoT4juBE9Ko&google_cver=1&gdpr=0&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F8EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOg_hLpoQcUML_LDixShgcw&google_cver=1

43 B
1 KB

129ms
51ms

Image
image/gif

185.89.211.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOg_hLpoQcUML_LDixShgcw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNXAIN7E2SYO_mz0u3XVTAKF8p9S6QBRWtsfjrsLzsWIWTcP8iN87qwRrXVz7olLPn0kFl4te-cUqf2oaCNVp56_Qh_qpt82T-_rLyoefyIG2SKrIOA

Protocol

HTTP/1.1

Server

185.89.211.12 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:32 GMT
AN-X-Request-Uuid: b598a036-cb71-4b4f-8318-2061db5d55bf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 176.67.86.47; 176.67.86.47; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOg_hLpoQcUML_LDixShgcw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwODY3MzI3Njg2MzYxNzAzNA%3D%3D

170 B
188 B

64ms
63ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwODY3MzI3Njg2MzYxNzAzNA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 15:31:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 176.67.86.47; 176.67.86.47; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fd14c452-eb39-47f1-8cb6-062699b11b4f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwODY3MzI3Njg2MzYxNzAzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 p
geo.yahoo.com/ 43 B
435 B 73ms
72ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA0E 0
20 B 79ms
78ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5826443717651&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA0E 0
20 B 82ms
81ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5826443717651&version=m202301230201&ct=77&x=1&cor=3368932148899151000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame FA0E 28 KB
17 KB 79ms
79ms Script
text/javascript 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7attuI-sisCzgBqn7IwxPW98cBBYX4wa9R63bREbGxwbwB-HY7lHwkGgaQ9sVOG7wEzHoWsmTZSWzYmGB1fGhq2JFrPJR-vBm9cLdhf2svZVNz9K-pxDbF7Zn2EddXkYIiL6tS1SGi6BP2dcqItGlHev1549lO1iOKPAGg-gDZUWOQYs&cry=1&dbm_d=AKAmf-DzYQo3IBBqEvWmTc_uD1rL0Fw7QSH-i53Yh9UyF96PbiMbelJfoA3sJOkf-dWyBa2v4PfARTYjYu7wXklf0LM0JdvHjA1fMjz78K9NMU_HgMGGKPIz-uPr0qvPTuVCwpiwFbjX6ap4squxxD6mV1wF3pXttMvbMawyjNSt2UzZBHAC3BBzTDXjNa3kbzTaplbn9VOrunNQIHIgiIAHaQ6Fcx1ERChMETcay58D7HVp5AsJVxMUxNwz6mhvdshrCxw2dOx3_fY3rzSaPE0Ql9dKwwSjG2MhXA6rFCu1F_gdiC2eDVj2cz70YP1ZYDQobresiWq6u-LZKNv7Kx3cEfUIZ3PD-f0L5pePrsd-BvQNSHkO2CEw_IzKEdv8uDba-_32eN1Lj5EU5aok3yPCxk-D60u_JyU-HysviMHeIKq8yQ7ki5cy7qgE51BAQDCvpM5AiZgHzZ_33LdmSdroNR-RS_lheWrTnX3tbIo-vplSVlzINDV6EpONLUSli-z9fHRpB_YAshGiv5TRcr7R93WNUD3lug1-g3edBkSCNubeK0_7lh16mZp43mhUbouFYYs-4PUoeFvR0VIZsZ1QRxe_AH4Cv-T_b739NEvoJguRjktDrHhNzmEeIQAePBsp9S7gE7UXExnZNW0POYhSWTD5NDcMsUNzfAIH3hsdLvXFzXH1o0xXSXEFEBRGDKAITguDb5YAGsmjID7x9SqwHpif9soxL8oG_OhophaK2MHaHK6nIofvoJcfmSc-rvYbiD49paGjJ2CIzvwnVy6BVvl0QxNnOkAYbsIq1gD3JXpvPl0j8k3WxzRuDfJyTjrmN62vp9ZbZRkEBbfTB38IUeGyf0uyJAzNHVeLpbQZIXK9DezL3Wg2DFJIVdC9gFdHqXeD8Spnc6ClmKjUvfmrYX-Y0cokbop1APWMx2Y59RRauzOhTHt7TDu3OGgYOpu1VQ_LZOP_EqSB9J9-kp5FNvDNr_dOwCtUhsRsgNeIxl9LnDavctCEoDXqiRsGqSLuWxIsCS0h0g34hc5aNQicO-cc4w3N-S0yIT801IvrtPIUTPxjK1LeU4lnQ4asNGbkMxNwj_vLcQcnUPSjeU-zjxdvt9tF5KRdrsFU9t2V6YCj1BGqLymb-mFWLWl8r4jLlFp9nTznOL1Q6Dt41lU8a2Y95JAw6HT8BvvnXwCq_SuGsyEhWwHeN_P4Cl1S7pQVeXRua79zwz5lAG4zLBNIvTixG-coky0PNBSzZ-0aVlc6Wg_2bWkGWRFYFMGhkWQCdcEYO67bsvNHV9Z_c38GEfu2WQ7rR3af8Ssu1Ke-uRCpo5TwLDei8hEu5h4OCyRvE0NuUmt4OMMjWDQ6oZ_u6Ymtt0YDWamcc4jfaJoiZGXEe0FKvlLyUZURKVKzzirrAuhGh9d-9Z-uXgyXraFA6Usveb9Kzh_RQewRn5DLy2tpdhU59zysjCzZzzyjH_K17L7ha_Zi_VfccppmKzZv5HRSXrAuaMbFoF7SmEVCxRge6hwP1sHXApMRIy6brTY23dxsG0qY78gza0EcthPosPkgjoMkvHPta6j4UZrVW7fIIUhDNHqq0UZxHyOQboD9RVoDmyvWF6uVcckgEKfRiMRBCOjkwIXhjZBubMT6bVrbHwl7Nmc92xuqU7slYPOvd_jgKieQ3rhwVe0F4ktYXFhU3Yh-3k5VZ0qiC4cd38J0ZlxDV8W9Cu_Hs4Ko2egjkxp3lkLPhln5gTIHbS3FVFjqNAieq0pgaqNm1u9mo-bXdQv5WXBgDdhPdy0M9UPhE7iSBTyqaF3iPxmQ6-t3rLiOD1B1j00S2q-JvkifvsSETOVwLXXrJYTdsVfsfYkGWwuev8vpZY27FOkADJ9VNJ8l5IOiqRa1qlSGM06jYiCucUxGilX3JTlnV6RXCFXgsFYcv5pVjvvcGbF9fxrzKARpK7qn8o667cLYD49F-Zjr64Na-PSURbFC8OiFmasdGXPLfP8r8omC_3htVN8CWKjhcarHYE89RuOIE0MJhqNUcm_ZQCtERfCX5uRr2WObl34YhtJPnSo76B0uqj72Q0HogHEl8NESnmVuZ0wQkouxtASqCI9qsheOTsCApfCu8IDZWIyqydeKMfieUDIBHm3EOcR9x_Hzd51oRXtFHOocuhrPAYz6YEQmaQtkmgTTH-k98axC5GydXg-9s8YyQeoXobeWCk-vDdXuO3rPb8v4rsm83e_EEHfqrzgpiw8s_IJc3ebjs76fAZkw74yMdRtQjgbpHBdKyQd7sZdqeGTGGcLhffugYfllUn_FUUteEOsbCZWFTF4ZkbR3zbjZ92BuDmzJMyBsvc7OCVClq9p1x50SWN2iHcOkCF86dYkWiKQXOzM2tVAjrlyUWdY3oa08Bx7LGgyaiXRYvgztGngWMcv0VMWbpS6ZocQglFdpsXNh4ZwzGFwkcRnHlkxB5zV7GcdVEfHRyYmKf9IxfQYo926dmknXUy0WhvZgVWH6JUp0aaf2xSkt6Y8lEaWOJOwWgzJaYyMv6d8UTzLG0lHx8OWx_J6ZbOI5LDmfTr1O_lenX6aY1X5XOAcsUgxdxIJDeTH5ydsXlxbsk3h0qIEPzA9kpgzkUxRVA_5dBF9Q8eqoWiUhpBT9wkFqhwJ9GuZBmaiJY1bBZUXz9Yfek79KIGwnqysdRr0ZrgQp0JO_X4uyhdOJ6I_9yzDExeXP84P6x9pWucalq2Qrle0arv23U7yxNxAsCjIQTzAg63Pb8-LMDiwl7yF9GnZ5fPupvLFWcYo62SSdU4yjvftAR0fzueuS0RrvpjSaUrbF2YkyB3QjQPGllGNEudYQ6rzqZJ_DzMstXArUW0wvglAKQM8rz-iNpZAY4x1UYXZH39gXtlAxD9Culq_pcxdK5mIYdLrymXDrmEgLlnewBNnMsyv0LTVYUldtGGWsepNMdTq-Fnd_vNIjmy_ZxRvx5_5JTj27TD0wwgxWV4IoFKWlUutBYoByb2MCHIBO3U69-WCOkPs_otZRBjolzNictusSwvxbE9JkTA3cMVwyBg2U0L1C9SwYy-yeMBqQz0Fp8-ViaZdLcrTg70h44JCxLpIf8rAadbZB9Rlj1kTY6yqV2d-HcLXukFC5Noo2MDDWc-wl76ZUPMTqLDTDAsnTy90Ggn6-9TmYf7nEcM200sCP9699Z9CsQH4hN3iPmVCRHno13mVycP6F5ry3zIap3aV4rv340RdH4t1rhWu6h7dtRepfmBi_vW9f9PpS2sC9kVsA9TC1qzZctbbeIY7o2dcscOJwxBDKR4zvvr3ICFxTAf3H2hGfgN3tDccDh63JKQKYM8Oo-P7XmjQej_9u1FEChi41y6Xx76ZIcmrCINXkoiKglAO0Ky6qj831gIRBy3n2Jf2UR2CavT7-4Kwsnw3-3DHRbursNw&cid=CAQSKQDUE5ymS6TGMs733-v8sYpSzP0bZmMen6HR910zxPFzfunTVbqL3NozGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Frinehartfarm.com&ds=l&xdt=1&iif=1&cor=3368932148899151000&adk=2191498966&idt=205&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16914
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 324D 43 B
260 B 54ms
53ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=1&kq=1&lo=3&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gu=https%3A%2F%2Frinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=https%3A%2F%2Frinehartfarm.com&lp=https%3A%2F%2Frinehartfarm.com&t=1679067089948&de=889676461577&cu=1679067089948&m=2033&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=98&le=1&lf=516&lg=1&lh=162&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=280&cd=0&ah=280&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101985%3A26888736%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041662&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1580044755&cs=0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:31:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FC4C 0
10 B 46ms
46ms Image
text/plain 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?s5fbOQ
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame FA0E 28 KB
11 KB 49ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7attuI-sisCzgBqn7IwxPW98cBBYX4wa9R63bREbGxwbwB-HY7lHwkGgaQ9sVOG7wEzHoWsmTZSWzYmGB1fGhq2JFrPJR-vBm9cLdhf2svZVNz9K-pxDbF7Zn2EddXkYIiL6tS1SGi6BP2dcqItGlHev1549lO1iOKPAGg-gDZUWOQYs&cry=1&dbm_d=AKAmf-DzYQo3IBBqEvWmTc_uD1rL0Fw7QSH-i53Yh9UyF96PbiMbelJfoA3sJOkf-dWyBa2v4PfARTYjYu7wXklf0LM0JdvHjA1fMjz78K9NMU_HgMGGKPIz-uPr0qvPTuVCwpiwFbjX6ap4squxxD6mV1wF3pXttMvbMawyjNSt2UzZBHAC3BBzTDXjNa3kbzTaplbn9VOrunNQIHIgiIAHaQ6Fcx1ERChMETcay58D7HVp5AsJVxMUxNwz6mhvdshrCxw2dOx3_fY3rzSaPE0Ql9dKwwSjG2MhXA6rFCu1F_gdiC2eDVj2cz70YP1ZYDQobresiWq6u-LZKNv7Kx3cEfUIZ3PD-f0L5pePrsd-BvQNSHkO2CEw_IzKEdv8uDba-_32eN1Lj5EU5aok3yPCxk-D60u_JyU-HysviMHeIKq8yQ7ki5cy7qgE51BAQDCvpM5AiZgHzZ_33LdmSdroNR-RS_lheWrTnX3tbIo-vplSVlzINDV6EpONLUSli-z9fHRpB_YAshGiv5TRcr7R93WNUD3lug1-g3edBkSCNubeK0_7lh16mZp43mhUbouFYYs-4PUoeFvR0VIZsZ1QRxe_AH4Cv-T_b739NEvoJguRjktDrHhNzmEeIQAePBsp9S7gE7UXExnZNW0POYhSWTD5NDcMsUNzfAIH3hsdLvXFzXH1o0xXSXEFEBRGDKAITguDb5YAGsmjID7x9SqwHpif9soxL8oG_OhophaK2MHaHK6nIofvoJcfmSc-rvYbiD49paGjJ2CIzvwnVy6BVvl0QxNnOkAYbsIq1gD3JXpvPl0j8k3WxzRuDfJyTjrmN62vp9ZbZRkEBbfTB38IUeGyf0uyJAzNHVeLpbQZIXK9DezL3Wg2DFJIVdC9gFdHqXeD8Spnc6ClmKjUvfmrYX-Y0cokbop1APWMx2Y59RRauzOhTHt7TDu3OGgYOpu1VQ_LZOP_EqSB9J9-kp5FNvDNr_dOwCtUhsRsgNeIxl9LnDavctCEoDXqiRsGqSLuWxIsCS0h0g34hc5aNQicO-cc4w3N-S0yIT801IvrtPIUTPxjK1LeU4lnQ4asNGbkMxNwj_vLcQcnUPSjeU-zjxdvt9tF5KRdrsFU9t2V6YCj1BGqLymb-mFWLWl8r4jLlFp9nTznOL1Q6Dt41lU8a2Y95JAw6HT8BvvnXwCq_SuGsyEhWwHeN_P4Cl1S7pQVeXRua79zwz5lAG4zLBNIvTixG-coky0PNBSzZ-0aVlc6Wg_2bWkGWRFYFMGhkWQCdcEYO67bsvNHV9Z_c38GEfu2WQ7rR3af8Ssu1Ke-uRCpo5TwLDei8hEu5h4OCyRvE0NuUmt4OMMjWDQ6oZ_u6Ymtt0YDWamcc4jfaJoiZGXEe0FKvlLyUZURKVKzzirrAuhGh9d-9Z-uXgyXraFA6Usveb9Kzh_RQewRn5DLy2tpdhU59zysjCzZzzyjH_K17L7ha_Zi_VfccppmKzZv5HRSXrAuaMbFoF7SmEVCxRge6hwP1sHXApMRIy6brTY23dxsG0qY78gza0EcthPosPkgjoMkvHPta6j4UZrVW7fIIUhDNHqq0UZxHyOQboD9RVoDmyvWF6uVcckgEKfRiMRBCOjkwIXhjZBubMT6bVrbHwl7Nmc92xuqU7slYPOvd_jgKieQ3rhwVe0F4ktYXFhU3Yh-3k5VZ0qiC4cd38J0ZlxDV8W9Cu_Hs4Ko2egjkxp3lkLPhln5gTIHbS3FVFjqNAieq0pgaqNm1u9mo-bXdQv5WXBgDdhPdy0M9UPhE7iSBTyqaF3iPxmQ6-t3rLiOD1B1j00S2q-JvkifvsSETOVwLXXrJYTdsVfsfYkGWwuev8vpZY27FOkADJ9VNJ8l5IOiqRa1qlSGM06jYiCucUxGilX3JTlnV6RXCFXgsFYcv5pVjvvcGbF9fxrzKARpK7qn8o667cLYD49F-Zjr64Na-PSURbFC8OiFmasdGXPLfP8r8omC_3htVN8CWKjhcarHYE89RuOIE0MJhqNUcm_ZQCtERfCX5uRr2WObl34YhtJPnSo76B0uqj72Q0HogHEl8NESnmVuZ0wQkouxtASqCI9qsheOTsCApfCu8IDZWIyqydeKMfieUDIBHm3EOcR9x_Hzd51oRXtFHOocuhrPAYz6YEQmaQtkmgTTH-k98axC5GydXg-9s8YyQeoXobeWCk-vDdXuO3rPb8v4rsm83e_EEHfqrzgpiw8s_IJc3ebjs76fAZkw74yMdRtQjgbpHBdKyQd7sZdqeGTGGcLhffugYfllUn_FUUteEOsbCZWFTF4ZkbR3zbjZ92BuDmzJMyBsvc7OCVClq9p1x50SWN2iHcOkCF86dYkWiKQXOzM2tVAjrlyUWdY3oa08Bx7LGgyaiXRYvgztGngWMcv0VMWbpS6ZocQglFdpsXNh4ZwzGFwkcRnHlkxB5zV7GcdVEfHRyYmKf9IxfQYo926dmknXUy0WhvZgVWH6JUp0aaf2xSkt6Y8lEaWOJOwWgzJaYyMv6d8UTzLG0lHx8OWx_J6ZbOI5LDmfTr1O_lenX6aY1X5XOAcsUgxdxIJDeTH5ydsXlxbsk3h0qIEPzA9kpgzkUxRVA_5dBF9Q8eqoWiUhpBT9wkFqhwJ9GuZBmaiJY1bBZUXz9Yfek79KIGwnqysdRr0ZrgQp0JO_X4uyhdOJ6I_9yzDExeXP84P6x9pWucalq2Qrle0arv23U7yxNxAsCjIQTzAg63Pb8-LMDiwl7yF9GnZ5fPupvLFWcYo62SSdU4yjvftAR0fzueuS0RrvpjSaUrbF2YkyB3QjQPGllGNEudYQ6rzqZJ_DzMstXArUW0wvglAKQM8rz-iNpZAY4x1UYXZH39gXtlAxD9Culq_pcxdK5mIYdLrymXDrmEgLlnewBNnMsyv0LTVYUldtGGWsepNMdTq-Fnd_vNIjmy_ZxRvx5_5JTj27TD0wwgxWV4IoFKWlUutBYoByb2MCHIBO3U69-WCOkPs_otZRBjolzNictusSwvxbE9JkTA3cMVwyBg2U0L1C9SwYy-yeMBqQz0Fp8-ViaZdLcrTg70h44JCxLpIf8rAadbZB9Rlj1kTY6yqV2d-HcLXukFC5Noo2MDDWc-wl76ZUPMTqLDTDAsnTy90Ggn6-9TmYf7nEcM200sCP9699Z9CsQH4hN3iPmVCRHno13mVycP6F5ry3zIap3aV4rv340RdH4t1rhWu6h7dtRepfmBi_vW9f9PpS2sC9kVsA9TC1qzZctbbeIY7o2dcscOJwxBDKR4zvvr3ICFxTAf3H2hGfgN3tDccDh63JKQKYM8Oo-P7XmjQej_9u1FEChi41y6Xx76ZIcmrCINXkoiKglAO0Ky6qj831gIRBy3n2Jf2UR2CavT7-4Kwsnw3-3DHRbursNw&cid=CAQSKQDUE5ymS6TGMs733-v8sYpSzP0bZmMen6HR910zxPFzfunTVbqL3NozGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Frinehartfarm.com&ds=l&xdt=1&iif=1&cor=3368932148899151000&adk=2191498966&idt=205&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10959
x-xss-protection: 0
server: cafe
etag: 15636944064868061930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 05:03:54 GMT

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FA0E 41 KB
15 KB 51ms
51ms Script
text/javascript 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:23:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C515 0
10 B 44ms
44ms Image
text/plain 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GifZ1Q
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5D0 0
10 B 43ms
43ms Image
text/plain 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6DTQ5g
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js
pagead2.googlesyndication.com/bg/ Frame F61E 36 KB
14 KB 46ms
46ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H2 200 bg
ads.revjet.com/ Frame FA0E 43 KB
18 KB 163ms
47ms Script
application/javascript 65.109.114.33

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.114.33 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 17 Mar 2023 15:31:32 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 17 Mar 2023 18:31:32 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD96 1 KB
643 B 58ms
57ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 11291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sat, 18 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FA0E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A03C 22 KB
8 KB 47ms
46ms Document
text/html 142.250.186.33

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 520550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD96
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECMqfcxmQ0jr4aJ10uPy3x8&google_cver=1&google_push=Aa02lx90fnDnDftD6O-4m684cKJ7XMWaVpxXrSzPYuTg3aVIXM0FjVKCt_uXuKzdibf0jNgi8GVWWsJddMNP02r1NAxAj5GUunw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E7C658CD9754D2CADFFE73B1BA11C4F&google_push=Aa02lx90fnDnDftD6O-4m684cKJ7XMWaVpxXrSzPYuTg3aVIXM0FjVKCt_uXuKzdibf0jNgi8GVWWsJddMNP02r...

170 B
188 B

56ms
56ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E7C658CD9754D2CADFFE73B1BA11C4F&google_push=Aa02lx90fnDnDftD6O-4m684cKJ7XMWaVpxXrSzPYuTg3aVIXM0FjVKCt_uXuKzdibf0jNgi8GVWWsJddMNP02r1NAxAj5GUunw

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 15:31:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E7C658CD9754D2CADFFE73B1BA11C4F&google_push=Aa02lx90fnDnDftD6O-4m684cKJ7XMWaVpxXrSzPYuTg3aVIXM0FjVKCt_uXuKzdibf0jNgi8GVWWsJddMNP02r1NAxAj5GUunw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Mar 2023 15:31:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD96
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_XRULYuBUoPBAwBVl1fvA&google_cver=1&google_push=Aa02lx8NQaMNhaXxWaHT1p0fwD2YzxIitI_47EziXnZDjuY-WReaDNNATiXnO92HrNRjJ5uSciP9zWzuZ1BQ16FyHkDhDJj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8NQaMNhaXxWaHT1p0fwD2YzxIitI_47EziXnZDjuY-WReaDNNATiXnO92HrNRjJ5uSciP9zWzuZ1BQ16FyHkDhDJjteT8&google_hm=eS1PQm1xMFoxRTJwRmJTbW5...

170 B
188 B

55ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8NQaMNhaXxWaHT1p0fwD2YzxIitI_47EziXnZDjuY-WReaDNNATiXnO92HrNRjJ5uSciP9zWzuZ1BQ16FyHkDhDJjteT8&google_hm=eS1PQm1xMFoxRTJwRmJTbW5PV09TOGtHQ1hBeGNmVkd4Sn5B

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 15:31:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8NQaMNhaXxWaHT1p0fwD2YzxIitI_47EziXnZDjuY-WReaDNNATiXnO92HrNRjJ5uSciP9zWzuZ1BQ16FyHkDhDJjteT8&google_hm=eS1PQm1xMFoxRTJwRmJTbW5PV09TOGtHQ1hBeGNmVkd4Sn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD96
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBHeWxKHc0E86jWdzygsEO0&google_cver=1&google_push=Aa02lx8WUDtQIAKUPQakjBhLYIq_By8f4X9_kmSRVKNfXQcFxA4ZmZLuKTexmL1cSVJSth5ztXEyVK-E1H4iJlk5...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8WUDtQIAKUPQakjBhLYIq_By8f4X9_kmSRVKNfXQcFxA4ZmZLuKTexmL1cSVJSth5ztXEyVK-E1H4iJlk5s-bQWas0aFk

170 B
188 B

65ms
64ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8WUDtQIAKUPQakjBhLYIq_By8f4X9_kmSRVKNfXQcFxA4ZmZLuKTexmL1cSVJSth5ztXEyVK-E1H4iJlk5s-bQWas0aFk

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 15:31:32 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8WUDtQIAKUPQakjBhLYIq_By8f4X9_kmSRVKNfXQcFxA4ZmZLuKTexmL1cSVJSth5ztXEyVK-E1H4iJlk5s-bQWas0aFk
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: g9NxrvIA-13whLc9mHfMc4Ob56Ntc6X6mVclX3zyRNWlJ_twySAP-g==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD96
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEGH8CdodbtURjg0QamaNoSE&google_cver=1&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZ...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZwZ0e8Y7cA6jrDHH3RMI-rI&google_hm=WkJTSDFjQ284...

170 B
188 B

56ms
56ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZwZ0e8Y7cA6jrDHH3RMI-rI&google_hm=WkJTSDFjQ284WVFBQU1oSEppZ0FBQUFB

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 17 Mar 2023 15:31:33 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEGH8CdodbtURjg0QamaNoSE&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZwZ0e8Y7cA6jrDHH3RMI-rI&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZBSH1cCo8YQAAMhHJigAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40244"}
X-SO-Key: ZBSH1cCo8YQAAMhHJigAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40244
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8iE6yHMbIiTcNL0liNJSXnzRi4ludrEUvrSQ58v-PYJht36EruFQJ_NLSRJBtKE3fwpoBuZwZ0e8Y7cA6jrDHH3RMI-rI&google_hm=WkJTSDFjQ284WVFBQU1oSEppZ0FBQUFB
Cache-Control: private
X-SO-HostName: a-ad40244.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 11
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 176.67.86.47

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD96
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJZufvNZoWddeAyTIESLDZ4&google_cver=1&google_push=Aa02lx9XKTgXY0i8jUFXbbg1t8p2qIBGDmEIUh89JE4KQhnIsQ8w_XWgqdaDRxio9OJVAcB7x_...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VN1MzQWpCRTJ1RlIuaGpwZTJMcWdqYm9aVEEwTEd6Zn5B&google_push=Aa02lx9XKTgXY0i8jUFXbbg1t8p2qIBGDmEIUh89JE4KQhnIsQ8w_XWgq...

170 B
188 B

54ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VN1MzQWpCRTJ1RlIuaGpwZTJMcWdqYm9aVEEwTEd6Zn5B&google_push=Aa02lx9XKTgXY0i8jUFXbbg1t8p2qIBGDmEIUh89JE4KQhnIsQ8w_XWgqdaDRxio9OJVAcB7x_aEgfdO-8opBp0Q3qwiwmw4-B80

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VN1MzQWpCRTJ1RlIuaGpwZTJMcWdqYm9aVEEwTEd6Zn5B&google_push=Aa02lx9XKTgXY0i8jUFXbbg1t8p2qIBGDmEIUh89JE4KQhnIsQ8w_XWgqdaDRxio9OJVAcB7x_aEgfdO-8opBp0Q3qwiwmw4-B80
date: Fri, 17 Mar 2023 15:31:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame AD96 0
35 B 179ms
52ms Image
text/plain 18.193.246.45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEI57hXSrolqTvVQhEAoJHeM&google_cver=1&google_push=Aa02lx_122Rj_2t4G8eNHduGc33KWfhmLwbqBdUu0m87i0pSZEzWVfzDrlNXu2JgwqZmIZa7hEEk1IXWNqdtvNpY_rko3E6VX2ki
Requested by: Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.246.45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD96
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEOUgkm3knW5WuGtGNABxr1Y&google_cver=1&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEOUgkm3knW5WuGtGNABxr1Y&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ8u1oszmGDi-o9IrmFmAZpWU&google_hm=T01JbFVNOGRudXRE...

170 B
188 B

64ms
63ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ8u1oszmGDi-o9IrmFmAZpWU&google_hm=T01JbFVNOGRudXREWVdBSTBxQ0s=

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:31:33 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx-GO-cGHBL6to7RKRnCy-e2PwuGtGMYm74xEHrYhwakdX-64io8kxSzbwXWwn7IWwxYb6_KQ8u1oszmGDi-o9IrmFmAZpWU&google_hm=T01JbFVNOGRudXREWVdBSTBxQ0s=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD96 0
12 B 55ms
54ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVL5Q2lb4KG5VNYihAD1KRCVPqcNuyFIWVDURVFdSO14FOD6FrPjk9HJU58GzmO_WfuAIJa9BL

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 p
geo.yahoo.com/ 43 B
435 B 165ms
164ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: rinehartfarm.com
URL: https://rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js
pagead2.googlesyndication.com/bg/ Frame A03C 36 KB
14 KB 44ms
43ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H2 200 rectangle.js
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame FA0E 20 KB
7 KB 147ms
32ms Script
application/javascript 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 07:30:07 GMT
server: ECS (wmi/FE8D)
age: 438
etag: "638857ff-5088+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7398
expires: Fri, 17 Mar 2023 15:41:32 GMT

GET
H2 200 sync.html
cdn.revjet.com/~cdn/JS/03/ Frame E197 2 KB
1 KB 130ms
29ms Document
text/html 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-origin: *
age: 11
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Fri, 17 Mar 2023 15:31:32 GMT
etag: "63e39f32-744+gzip"
expires: Fri, 17 Mar 2023 15:41:32 GMT
last-modified: Wed, 08 Feb 2023 13:10:10 GMT
server: ECS (wmi/FE8B)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F61E 0
10 B 49ms
48ms Image
text/plain 142.250.186.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w9Erjw
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 tag236648
ads.revjet.com/ Frame FA0E 209 KB
32 KB 67ms
67ms Script
text/javascript 65.109.114.33

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236648?_plc_id=111757319&_key=1e6&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRXP0ocUZOTWNpfkkdUPjKOs0AK0iLy8buq5-JW6EfT1iNbEBhABIMqc9yNg6eTJhdgaoAG5rJCLKcgBCakCUPnr22nXsT6oAwGqBPgBT9A8g8MuNWM3IozuwrYDFHkVRA1Gqzo43OReBTwAFNliZpBq6C70O9mNf9zMkh0-9vMVM_NYujuFBgahxbdouqAlecH5XfJBLl4xXN0z1VEKxsoPL0gxZyw50k6bWvlhQiJV1P2ieZf_uFmIufg-C7f4A2Nw0UjgRick5Q7y0BrguzDrDgjMDE7dvEbhASbp3wXfvJtQUo7SuZo0e9AlwgLPBCnwf-ZndD_LKC3x70MgcRolFxAznYVsj6MhQyEZ_IrnMBMJ2T5VqIBO7jFGVeTirAxWb3pbV5_3L1P3sVl745fcDqt78skHb9jUzJNOIQoJVatvvPHABJ-Z7aaeBOAEA5AGAaAGTYAHueTg6gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBAgAoDmAsByAsBgAwBsBPB5bMS0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQDUE5ymS6TGMs733-v8sYpSzP0bZmMen6HR910zxPFzfunTVbqL3NozGAE%26sig%3DAOD64_1XcASbLwHm35r8TCfJvjcS8iPaRg%26client%3Dca-pub-7382640443023261%26dbm_c%3DAKAmf-B-fW-u7HPLytS_Dz0tLheSPR2XWP_Jo4agd7T1iyfpZKBPJeWIHmphBSUSvzX0TBxa9kpNJz8hRQVtHfnlPRhZ1vGc6S1Z2mqHpXXgsfpwBWa8pjC6xdc9wxbqrAyzxZ1YBVX674ay8o7oA4OAP6wXk9kS28Sd-68GhIsozzbpKNr7yJ8%26cry%3D1%26dbm_d%3DAKAmf-B5p-GaqtBKpxJlvkQF8iOCh7-v0pXM1u23v1qjIuCVem6_VGIcgmNDY3lhDZWkbVKoCHIsksCPt0cybch6dYGel6KRoODO6tVbysFuRw7fNArDQWFZDv_yCB64nOaRFSWEX_Ph30RSbi0wi4_UPbRdZVKkmNywXo__o6R6S_ZqKSvXooqvB-7T4oGGXzzvw8r98FDPX1NH8IaFjokbYD7-g2qlXVgp_kijpkOytrhLli0Du3GCoIQl6iE0czSyo1mDAwh3qvxdTutBbzZcss90uDz6ZjcSwyf-roxrATU229sAWSH8X7KjJ7XuGHbMgMBLFpWkb-1FvbbkZzZfwPDGL3cYLCQy-FVoOs2lji3m3B6RtR_uPxb5XIBprRg3ULg28_fLB31MvwZgxw7jarVNgrdjgKdg4lQXKLjFOdMFDUDXFgP7ezPHrcLyym07ZAGs7uDFe3xkCa4-StXDmiY1QELJun3lMOTtSQubSHyetq3-796ixlXma4WNhR_BIfJgjcbHfbO2fhRDaNUu7W24ekJEm87_yXa3rePqyVV_Ao8OgcC-FrQpmLZuNzOnD35InEBNuybMkwGUZ-Ip2KkQ0H0uPp1jIwmtH8yw4d6nLU8SBQU%26adurl%3D&dv360_cmp_id=19568699176&dv360_li_id=1010458177&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&_js_site_ref=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=f749d8eeaecf6dee2b16_1679067092891&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Frinehartfarm.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1679067092907
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.114.33 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:32 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip40266
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC3B 0
0 82ms
82ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=1516167285328178&bg=!SkmlSR3NAAZEjmHWZI47ADkAdvg8Wscf3yRCJfs3uquqi9Kl_vD6KqbelNxb73osWk2SO0ICnJvGD2hP77EjqAV0aVFA1WdNAQ4CAAAFtlIAAAADaAEHCgCQDrnXhlOuAMRdP_10f_TifB2wmMylCnBm42BTjgK_djzrL6ssfQyloj5oqgRQum_x6prtCSH9UOmVGQsRXKIMgrm9dKhvuDKON0bW8x8M77jt4pVcv58Ek0dIyr8cPrHaPWWFzeoltvcaKHmRpm6G_jwVJilFo9ddCzMbAEHbDLBVWiwTeNcFgTDwgaiY2jLNmQKoh0HmCww5an3BiOLJWp67wkFCDbP1affq2fEDbWsHJrObJnSjfNC1hnTHf87VJEHD35U_cpPEW22bTDUyD1KOXtv9FETa3gYc0iPNJRCAxaLz5VRqWLvO9i_iuxRbtkVtqvZ1HuXSgkpSUXHeXkOG70qKvEItfm4popE0Puk4vPE1sHlG1Wy7oCaPE6kQJX9ToigMV-lB3iMhJAXVcHdPE6hvtqITclXT7wtZm6EnrDxmfBTDUXss_oqkc5nSmpy3thr6XSeGRHuNLt8vyq82yINWnGdleDUMm27IKcAWkH_BQAgg6yqFd4UdCjs_BHrE2FE0sJzhRcX3bQbqVexhDsV2LcxbIZocq7NNGNYhGXA98JDbb6qHlC8U5vnVRTp6ecJHf_FNjkxsVEqrRa9zCe1_ziARYRrVJVT-Jj62fMKSAVd_GV6Ysa-I3U22wU0Kc_r3uR_CWplUIhjJI2uziggv1hI3a8Hd1EGDn9kSha6JBQ0aIYeed3AJwZPJMgzzfXxfc1wBtUaO0JcIrZBonHY0nIWMPvk87fazXBw19vvhXqzOw5F0Z9BDlR6Q03djEGO0wCuoc0s7MY2ubD4mYcgzHCge06JY1w_Nm1nEPjpNaMYFddt_01BMHo4kKHAMIy2ptb8t0ioVpYqQpuV4zR4FhGA80BSuJNnIKg4kYbN0UBaqeHKRwuPxak-INYL-QBvml7DiP0VBgihYYCK-7y-oX-YvgdJhBoFigLgJzpgzJ6zpKSa8neQKhSgfE0OHo9dmXa56WqXuIl3ZT5Gk_P1te1AsE3b2FJ6WYquMVHkTqmTK0wzPn7RQxM3p3sLbrTRSUuN5fNLbmg3UQC5JKbzgb1-q_QACFNZor4a-QHFV0_ua6c7KzxFHHLHl-jF9dylUneCyoj0
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F5B4 0
0 83ms
83ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=2660711253983299&bg=!39yl3IjNAAZEjmHWZI47ADkAdvg8Wl_Py6rd--F4l9nKNIqzoEFN04_fNej2J0YfMADua2nT9Eh5r7WYDtZuLBOaQnhDDAygMO8CAAAFFFIAAAADaAEHmQK9MNrFkkXEh65iBOrjIglp3_26mqSC5y2F75C2FWoPzMSE61gVaEhzybpDaBme9H77IrO9KxyKPz9S9UVkZlPxKM3NfnA1oKnNlb8XxzvbwLloKQBKldRpfHQS5s3LF0CkEIISmSBIlgJoTaVkxRjaHi0XWSLI4sOZQNGxnM9wHNHeoEFx3DSmmr6NpgHYXH-V_u4dT1UPNdJDJMphfKPhUHU9LCLVVsNv7f7VMODKB5i4TG5os84w8jIxq7LwkyvH8p3sAZvWG7Qkpuy7zjpyJZ5m_E61ZmW4O-zCtIKZT1U_p9mQekPnp2DCg_-ZbHVOnZhbYuouT_hDHUQB6RDluLxl5jlWMeqiC63X9PEO_5GZ9WmRy_wWG1rFgDFID2NCuwbca4sR8F75R6NM4mjAm6OiqYwszzXgByhsk-fMO6Jsm8xGRWKCavBFWiO_6ile5e234KVhRC6xNha3fQOoRmrXIVgfll9kTAxVYEfatA7rDTrFKhCRIr6OrT43m9fxqlL7Rf2fD86TjGIPHu3hp0a6vFKElRcF5Okrk3Mg0mmVar9T-1gzqBmDV3SUk3_Y6yUQ_01y4pUQcB684wj6TbpH487ogdlywvlb7vj1-VmYrJ93JmEclMVtUkTrdnDX2qKI_rWLt06x1KjA6wcImBuLyGqX5VfMGdrknu50uLEZaUWOsOUwC7efNfudgy_2bWGVt7WBT5qr59gKPNxKSaX9odFVzok_E2zT1-lOSZ6QCSg-7Bq4JmL4mOZ6sWkmACMUdfDQtJ6YnNJrbdnSU0kuK4DWr4B9S_i1S1MVJNyCMzDDpa6GnD1kcQeuBEpkfxQtFpN7JlfLIgp1oTGnEPVNrutZbWX06NOP_AImlKYVk_xTuLzX0G_Vm2svMGRN6VJJBl1GsQhLJiEUyZbS8bJrkYePdZVFkQ2Vcp8
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F0D 0
0 87ms
87ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=3345236712385395&bg=!3d6l3orNAAZEjmHWZI47ADkAdvg8WgAgLMzqgEb-wgcJMMC_5aVq9928h10RPAyHVbwYDTTov_aroV1JV7-MP9oKeCHs2RIMCW4CAAAGTlIAAAADaAEHCgBVgqEilAd0rNz7DZ3pz9ExYcGb0Xe6phjKC9uE7nl7vK4YXENZQDz5JebMr-PHVSuhuCRaJT6f92AJIPiXKnHXC7zHR7cgyCpErWnkzXaSo2MSDU58MZkCxGi_sdo8EIjViwSqTt9Thd_TA79IMxoXxfW5B_i8bdwedgTcsKgTbW5uxwE8lsYG9mTb4oMWSaUkgRJru5IK1Epa_BQD4gTh9hl3d9rWo51RTf1DG46R-sBCPtcanK4mHScUDUd7VFbbbHlaoqcmm5QJS_HSw_ji8PleYn4IgMOJHqhhyLk0ZgKX6GMWuJjbY9rXhQ1FQyX87mVnQEP_jlaXcNPksMk7e0XafutVqBr4OhMdXEUBPo3PYsGrMFCsGYK74RWRroaZF8GHKo1-MDznW4vPFne6E1sD88JCG70yeu1Jh0coR3meOrVFx30ouc50mR8LEIhv5dkgaBf_5Pc77QMslIQh1b1psMsjT_q5H6b8RIeKInzPVbzuhtLbmCNsOFQKs9Wq5ZtflcUqNTHYuHp-9ylp_t2Ui4Hx3WqV8jSaA4ZTibNTHbxSWEbMNqr6xS5aultguZGdJEYRDF0Jbu8HaV3IYLwbt2FBsDvwpiHXTHGujuY0dLTVZXC0KwsBQCx6bt5Xtlf6-XfC-OfEb05AMaTfDN3kzs33pjONndN5sSsFULme58COpqbvtzRBI_n5Lzlg4Py7tVjK-nfH9_u7jHBwfGw_ydTgVwRIyFzU_bXFNE4H4DQOz48457oSt4lgtkV0VtJ_INeTTNrllgsS6jS-lvbtfKODGOEFC8CpF6cWuHCcONYPuSScIqrOQGbaOPdFCre_sFhSIKTxgYZ9a1OHp3U5xyCwgxvUF8vfhdWWhHFtB5DDJZt1kkoMo_Aic97WCDpY5z4ZXmG4AjNG0-w6EA7Cse-t77u6f5f9nlWp295Bi7N1EvLIUaBKGw-9KrB4TUfH33or2cxEceuiedZraZe3p4XMzqXRp7cu08O0FB32tNEzxhPxDn519VjyFL6lmoITSuNi9gf1FDUXsT9TlF1OAeTjqATm-tyq-Q
Requested by: Host: rinehartfarm.com
URL: https://rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 elements-2.10.0.js
cdn.revjet.com/~cdn/JS/03/ Frame 0C6F 165 KB
49 KB 155ms
64ms Script
application/javascript 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Origin: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 06:20:03 GMT
server: ECS (wmi/FF12)
age: 462
etag: "64097a93-293b5+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 49763
expires: Fri, 17 Mar 2023 15:41:33 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 0C6F 43 B
169 B 184ms
61ms Image
image/gif 162.55.246.95

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=358c9ad5a1f288be8bc81ca03c2cd51d&__adt=8240602432759753856&__ade=1&vid=4965869529859266495
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame 0C6F 33 KB
33 KB 36ms
32ms Image
image/jpeg 192.229.233.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE91) /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 1658
x-amz-request-id: NJSB90K4SYEN0B33
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: F71kmqtgipnvcj5o4hsj479U6qpqr/L1HoBdgNn6jgbmNV002TSmYjmLmXRWtEVkHShjWQLZCi8=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (wmi/FE91)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 17 Mar 2023 16:31:33 GMT

GET
H2 200 gallery-2.1.9.js
cdn.revjet.com/~cdn/JS/03/ Frame 0C6F 56 KB
15 KB 34ms
30ms Script
application/javascript 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (wmi/FE8B)
age: 318
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 17 Mar 2023 15:41:33 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 0C6F 3 KB
2 KB 34ms
31ms Image
image/svg+xml 192.229.233.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1692
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:31:33 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 0C6F 632 B
626 B 35ms
33ms Image
image/svg+xml 192.229.233.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1088
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:31:33 GMT

GET
H2

200

B29251386.357500449;dc_pre=CPaPmq2k4_0CFSD-uwgd2J0Bbw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067092942
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 0C6F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16790670...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CPaPmq2k4_0CFSD-uwgd2J0Bbw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

68ms
67ms

Image
image/gif

172.217.16.198

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CPaPmq2k4_0CFSD-uwgd2J0Bbw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067092942

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.16.198 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CPaPmq2k4_0CFSD-uwgd2J0Bbw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067092942
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 0C6F 43 B
170 B 144ms
58ms Image
image/gif 162.55.246.95

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=358c9ad5a1f288be8bc81ca03c2cd51d&__adt=8240602432759753856&__ade=1&vid=4965869529859266495
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 0C6F 34 KB
34 KB 68ms
33ms Font
font/woff2 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Origin: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 576
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:41:33 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame 0C6F 34 KB
34 KB 30ms
29ms Font
font/woff2 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Origin: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (wmi/FE8D)
age: 491
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:41:33 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 0C6F 286 B
460 B 38ms
37ms Image
image/svg+xml 192.229.233.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE8C) /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 1720
x-amz-request-id: WJMRQCRA68QMCR92
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: xKn3T2XfVL78ytk5irMTeTAS4WRBAmkd+vNREC2AehrXOayBAn4OkLWlZ8lPtzgNDY+S+Yw/Ntc=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (wmi/FE8C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:31:33 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 0C6F 36 KB
36 KB 38ms
38ms Font
font/woff2 192.229.233.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 -, , ASN (),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash

Request headers

Referer: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/
Origin: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:31:33 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE87)
age: 566
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Fri, 17 Mar 2023 15:41:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A03C 0
20 B 85ms
84ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuD6n04cUZNXlOdizgQePzoK4DAAAAAA4AeAEAg&bg=!xcalxpLNAAZEjmHWZI47ADkAdvg8Wgtbb0nb620gTK-kjvkAei8oJ4pCd55vzR_HieP7fR8EKn4ni6UP3w8rTMGw_MF1bp6Q_GsCAAABr1IAAABYaAEHmQME4FO7lRgqU0OHKapbDSYtPCmKM_z_WlKcKBTAue-cEI_gUQBHnFptBmf8iKsQHFA43dRVYVGlmeV97JgShYojlu7z2KAhhUpnVhgnCrXUouTzqCJMfxsWGzUFQ8qkkGxdKzNMawf0w6WoEzwPtr_yPhzqS_P58MYDcGB4lHtkcf2hqiXnt9gk8EE046xFgeNDFMkkquCmt8W4_FpsdOTIvIDs2DqQ1LVhSDl7DJDEsSOmNA8Hz78gW7HQ5-9WNnrG450PfxtHcWRQiyd_ApJvfTfzr0omBP8d70SzVTZjwyf2Iw0yIcKz1LVAjS72temuJfwtgDuWM6d0IzA5kViKpq75kdxT9j9Zz042WZLCppLcF7q_35lTsHnB8Vkm0gDewUS5EMh-Mp9E9cRHAY1tIEmRAuM2Dj0QcKKmM6aUmhEj5hLxYcHAWSRu61c5BdcxdNXhqolZ9K7YGABV0JcHTu57Frgf-XFAfEtwz94QrG0StEIcq3Mat_poktwTJgMJ3jCrVPZLwcU7QVjcloy8pcEeqFJcqnCmFLXUOzfr6sBSnsT0hGgaLejrJ7A_-H0pwMToq2US1PYDFX3FgewvA5rHL0ElYAABRE-D_yJUlCWMqouM2l69oYWvj4pv_D0v0IgtFqHQ-FfKzvJqeekr4ak7LBmV_hJ5tOUPBQjA1aN9TWgqZO-0SRzMiDtkFVIGjXhvE5s5QKeM6UVadiQ0t8ZuSrorpJUQEh0e2mqIhRG0fNKSOBXUpzDvIEhc6cEJtHlNhOQbFHNHQ5PiQT5xyYDx7kGnGG6M4-ZSzLUSbZbG2HG0iT--6incE-o1TJzeVVrKGahIM5Asp2yrIMbBR_x-EOhk2Mat4OMX387UEgM-m4HrfCe7SVPygwuVJ0g8Y3HCyBOcJZW39WG5Y545B3YIIfNqdG2RXOS4VyjK_WsPDJI7AkaYB7DAmZDHyi-uzAqGzY7Uw3Tui22L_6c_qbIsNzKfUcWD2tV5_7JbsAFmCWH0NxPCHttgwk5RundDyVw_Hg

Requested by

Host: 635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
URL: https://635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opus-frame.html
opus.analytics.yahoo.com/tag/ Frame 4BA1 10 KB
4 KB 154ms
31ms Document
text/html 152.199.23.180

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 -, , ASN (),

Reverse DNS

Software

ECAcc (wmi/FE97) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

Referer: https://rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 165059
content-encoding: gzip
content-length: 3645
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Fri, 17 Mar 2023 15:31:33 GMT
etag: "a26f3818e8e781b7435cd7881cf5a29b+gzip"
last-modified: Wed, 15 Mar 2023 17:39:08 GMT
server: ECAcc (wmi/FE97)
vary: Accept-Encoding
x-amz-id-2: LJscXBdZdoEWiCn4jceqgSg+AaKvJGxt0koE+me19G2fV1UEITPY9ytZKsfT/6Xziay2fnTmfDE=
x-amz-request-id: Q9E880KA8TC6JKKM
x-cache: HIT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 324D 0
0 84ms
83ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031501&jk=2476644256891189&bg=!bW6lbjrNAAZEjmHWZI47ADkAdvg8Wi--kplbRGvfeNzT-id2kmWf3rosuEzL6imkU1sfVgtzOF4ZUYPW6if9RbVqsu5I7IVtlMMCAAABzVIAAAADaAEHmQK7OaKgRaMn9j_tbbX-oZubykga_y1u0kkwRskNKKoGMlDhI_3iHtH1hPUafywFv6mGoiJn7cnYFGxLnymj7TyOmPrtLiYcMzgkTI-a_CRKL0dF1MXXEY23ZcuoQLEzAjA-pZd26BhplbYoQ-oEpcXjGIXCCSySMmJ5LvlSgK8NbHa3VhDUoZ3ChqxgBldioECNcNdCe320SDaX7yaCynzPBlt1Ej9fZq9DV6qe0lpm8kiVyabSB2hvWQwEBN3VVYt3pvqYyB8WpFp-kUzYUy8RcmHDWhkVBLXWyv29jFZpCim2dYec9ezHHmUfmFTMixSkIczxvwBACG6zgA9Zu_h1lW0HiKIXTVE_v2GEiLxI8XwP8LbyGXAQboGRyxya9AS8xhIUNVV7SmzFAlk5LjlIHRAry-vIy3KKyl7ProDngw3kVD1gGicTgArUuScZ8I7uS9-3Ij1Pw7YececvfFPwGHtgvqEjFa5lGQ_2HzmDUK7Kvt9oaj0OKiqLZ2vk78-M_T60Nj-LF1daunSibGGL_pNE_srMsyL_lIsW7tACv3DM34u2K2M2mq1cFCQkJgeeUf8zZGbcUYMFVYdxs8S3V4gpkTIDqVT9P4pSTGnnFIhgS9NlIR_PMkzQlZJvuWNU_ZrXoOfbpG6DoCyDwWgsQ5I8G93Klz9S9GfXjjl9AKJSmvWADN143yCGOj-YTmaE8UHKHC8NeoBWHJ4ZFgkfNRwJy_L-CH48SW5yWAb7tCKls_yFCpW6Htm-PFzZb_940VKAIBvBWojq_W2OJnrjJVK1IQjF7q96qnEDk3qk9R3h3MilyM-yh48xnAVRjMMP5p9uyx2AN8e91VF7GwnXJpRxQ9wMkFNChb0nkG5Xws5OywtpfEuDzdM6GmaaL1jpzs9qOuCm7HVuCsrfyWirxOoiB4KAfknVGe0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: query2.finance.yahoo.com
URL: https://query2.finance.yahoo.com/v1/finance/trending/US?count=5&useQuotes=true&fields=logoUrl%2CregularMarketChangePercent

Domain: guce.yahoo.com
URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v6/finance/markettime?lang=en-US&region=US

Domain: embed.fireplace.yahoo.com
URL: https://embed.fireplace.yahoo.com/_rcv/remote

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=ES%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=YM%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=NQ%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=RTY%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=CL%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GC%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=SI%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=EURUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ETNX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EVIX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GBPUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=JPY%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=BTC-USD&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ECMC200&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EFTSE&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EN225&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/quote?symbols=BTC-USD

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rinehartfarm.com/	1970-01-20 20:00:27	Name: 3ab00 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5ODg4XCI6MTY3OTA2NzA4Mn0sXCJjYW1wYWlnbnNcIjp7XCI2NTQwXCI6MTY3OTA2NzA4Mn0sXCJ0aW1lXCI6MTY3OTA2NzA4Mn0ifQ.XXpon2e8TqBMXGusaGP2m1xQSBgzrco59FiFOjRJ8ys
rinehartfarm.com/	1970-01-20 11:09:05	Name: _subid Value: 1m48sub71j3t
.yahoo.com/	1970-01-20 19:10:24	Name: A3 Value: d=AQABBM2HFGQCECXlE6AAj2XKFrC-KVqqVigFEgEBAQHZFWQeZO-V7L8A_eMAAA&S=AQAAAugiApCyq2_xIhtv73jglzg
.doubleclick.net/	1970-01-20 19:46:03	Name: IDE Value: AHWqTUmhGw35Ma24aRLet3Luymn21_LlXEOVRkQY_opeUqg8KxR1hezdJWmAyjN_gzM
.doubleclick.net/	1970-01-20 10:24:30	Name: DSID Value: NO_DATA

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rinehartfarm.com/__rapid-worker-1.2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://rinehartfarm.com/ Message: Access to fetch at 'https://query2.finance.yahoo.com/v1/finance/trending/US?count=5&useQuotes=true&fields=logoUrl%2CregularMarketChangePercent' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://query2.finance.yahoo.com/v1/finance/trending/US?count=5&useQuotes=true&fields=logoUrl%2CregularMarketChangePercent Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js Message: Unrecognized feature: 'vr'.
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v6/finance/markettime?lang=en-US&region=US' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v6/finance/markettime?lang=en-US&region=US Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=NQ%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=NQ%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=CL%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=CL%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=RTY%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=RTY%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ECMC200&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ECMC200&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=ES%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=ES%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=BTC-USD&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=BTC-USD&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EN225&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EN225&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=GC%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GC%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=EURUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=EURUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/quote?symbols=BTC-USD' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/quote?symbols=BTC-USD Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=JPY%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=JPY%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ETNX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ETNX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EVIX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EVIX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=YM%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=YM%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=SI%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=SI%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=GBPUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GBPUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EFTSE&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EFTSE&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rinehartfarm.com/ Message: Access to fetch at 'https://embed.fireplace.yahoo.com/_rcv/remote' from origin 'https://rinehartfarm.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://embed.fireplace.yahoo.com/_rcv/remote Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.yahoo.com/px.gif?ch=1&rn=6.349411862255239 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.yahoo.com/px.gif?ch=2&rn=6.349411862255239 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39825f9fb93011878253fdb8ed70b896.safeframe.googlesyndication.com
3p-geo.yahoo.com
5.ras.yahoo.com
635a7415510deae701d5fe13d723ef48.safeframe.googlesyndication.com
969d3c5ffe7672690c93caa2f13106b7.safeframe.googlesyndication.com
ad.doubleclick.net
ads.pubmatic.com
ads.revjet.com
adserver-eu.dsp.onprospects.com
adservice.google.com
adservice.google.pl
aka-cdn.adtechus.com
apx.moatads.com
b1sync.zemanta.com
cdn.ampproject.org
cdn.js7k.com
cdn.revjet.com
cm.g.doubleclick.net
d4a014d216dd95ba6d2867676257a334.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
edge-mcdn.secure.yahoo.com
embed.fireplace.yahoo.com
eu-central-1-web-oao.ssp.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geo.yahoo.com
googleads.g.doubleclick.net
guce.yahoo.com
gw.geoedge.be
ib.adnxs.com
match.sharethrough.com
mwzeom.zeotap.com
o.aolcdn.com
openweb.jac.yahoosandbox.com
opus.analytics.yahoo.com
pagead2.googlesyndication.com
pix.revjet.com
pixel-eu.onaudience.com
pixel-eu.onprospects.com
pr-bh.ybp.yahoo.com
prod-m-node-3111.ssp.advertising.com
ps.eyeota.net
query1.finance.yahoo.com
query2.finance.yahoo.com
rinehartfarm.com
rumcdn.geoedge.be
s.ad.smaato.net
s.yimg.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
spl.zeotap.com
st.pubmatic.com
tg.socdm.com
tpc.googlesyndication.com
udc.yahoo.com
um.simpli.fi
ups.analytics.yahoo.com
web-oao.ssp.yahoo.com
www.google.com
www.googletagservices.com
www.yahoo.com
embed.fireplace.yahoo.com
guce.yahoo.com
query1.finance.yahoo.com
query2.finance.yahoo.com
108.138.17.95
124.146.215.45
13.32.121.72
13.32.27.67
141.94.170.64
141.94.240.141
142.250.184.194
142.250.184.202
142.250.185.130
142.250.185.161
142.250.185.226
142.250.185.228
142.250.185.98
142.250.186.129
142.250.186.33
142.250.186.35
152.199.21.65
152.199.23.180
162.55.246.95
172.217.16.198
172.217.18.2
172.67.13.182
18.156.195.47
18.184.216.10
18.193.246.45
185.64.189.221
185.80.39.216
185.89.211.12
188.125.72.139
192.229.221.24
192.229.233.6
213.226.126.234
216.58.212.162
23.35.236.201
23.35.237.151
3.126.56.137
3.71.149.231
35.157.25.58
35.204.158.49
52.208.110.188
52.222.213.56
54.154.227.195
65.109.114.33
70.42.32.191
87.248.100.208
87.248.100.216
87.248.119.251
87.248.119.252
021d38e4d1439c38ed1165c38065766ca0e73c9623e844c65752fabe1ecb2b11
07843fc86000451c78df512185f14fd19ee5143bf2cb6d8a4d5c4efb33e5d7de
0b455faaa38265d2ff049ec9470af350dda818baa4a3e8f9b9e03c6350279517
1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c
17657f91dc8a7010a869b39af18f5bdee723126a7467f77f929aaef9c53f2e40
18c32790c19d6483d673c06a3d9cf7f6d717fb88bf3698afbae2b04b033ed537
20ab02ab4d58b6fad10d4ec2d856dd2fcc6984f5f43832cc09f490ba69ad9307
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2b3162b9d90ea855e1d140d94062ed56fb3b8d98193f1f37680f864320d481fc
2da8e6f60e9698291e4cfecbaf95ba806282637c28fa1cc7c2d7ef0e32e660e9
3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9
30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff
314e1fe839edf550dc0b9df5652a95424a597f72fbc78c00f80976f297696a0d
31665c7c01527083a4492b70d9a202462499a041939f3cc381e02ec1939efd39
33de9ebb711226b9d7ebc94f2c9e9eaea6ab6346ea7bfd79828ec1fb819de33f
344c047bd023bf7735dad087f56e67c775aac4cf0b9c20c8de483f244b82caa6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3659aeca6aca76cab7cbf7697533350ee802c2555be7f04455d506649a67b3e1
3b8e7415842f1029a53ac6c9ba1cd6511c3d22b419a0154eb76311c51b13c9a0
3d7ffe1ecb061100760ab496bae435770032c862df220c02160bfd98fdaf07d1
3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb
48ec4260476a44776e57b5fed27a5c04b050e7f782336b851615d4ed5a7dd439
4a66b92fc3985947226e9cba3cdd5687ed4746876da1c1f7e399a1cdd6c62409
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a94f6bee75aa79866b9b5e432a352b6e45c906c10eb348ca31b5b4317294d11
4ae77ccd1af6d34259034b5541fbf516a92e27ee3282fd1b826d65c7a1bb22a6
504e05e34c69c7ecb5293f3fb31be8600db94d8b1076675844bc0b94cabd54f1
506648db425e3801b3b45aca2382efaed10698e5af1dcb90fc8cffb2b090704e
518ae6cb617cc155d3da327e86d5cdb06025b6194c5a11b1e997624f04609ef0
52d9389cd526906e929ccece229fc8122685205a9a2a0aaf667d0907ef933576
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416
5881f3f993faa9cadced7966c9594acbd436f52bcc223f8b603695c1386dfe3a
5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645
5b913352ea1a6eac1ab13c11cd8331211143ff19211eb6836b18ff73a64cfaa7
5c91e5a423b545e6cf71afe04e0888d05dbf73753666f25e1af5bc31ba8839ff
5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc
5d99370b93b9a2a7c741a232137e613db59791637bb0f6c59503b4fbc2a19c43
5dbbce5607a1b59337cf8926e9799aa143ad83ca74795bd8ea4df487a46adc7c
5f86ec9907f6433f430f9caa406d5244809b9623f8ebac90868ae331775438c5
5fea1a0dbbe96d453e3c8d4b47e1f8f646a7ecc4abcbf7779862f491ac4a09e0
60a7550cfbb885a0a9f7007c8efcc3c0d9c2f968f87d263b5061d5cf8322c80b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
666129f9cc4a9c2b1ae701451477e8456f324e37c2327bd7de2576f6634f32bc
67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332
68b6d95d23388dfe19a9e50f5697c58fa43418da4cf7bc8571e065afc730d767
6bc398615b208b47acd0004724f73fae5762ca6de7b2ab235f8999594a35dc0a
6df75e91352dff7a5d6c9827c27612ff26c7954cf2fea7c6da459773865c6bc9
7480b81e8c1e4d927a3bafca51a4c7d2e82281fbcb6c89fd8f926b9375622753
7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7e926fbc63ec1370ffa4ca3778637b9b183d6da7a7a1539b78329cafc2f22f0e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81871a231bd7e95f87d000c40a52a9e9670d4895e46824e030ac11ddc93e11ce
856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
879c22d7d11e8394e045a7ab8dfd514a9f9f8ef27adf8070a8372f69e07943b1
87cae86ffab4a825efd06a602c30563b9e29208314ba093a26a3550013358080
88327ccd76fc342e6f49d8ad72db3a3adac91df0b100663fea881cb33a2f79ef
8845be6e7a95e3a872fbe0c447d743096b3adf8ee1b6f0d59bcdbdec18aeea36
8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749
8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d
8c6a14a96e308f070f495f999af4e39027527d649157fe1a3ffc116870e14697
8cc052c759f667b605acc55b5e91826efc37c5947f68f76cfbda87dc116512dc
92048fe17ab99379696001bc409ad3456f8bc3d01670f6e2993e9d93b2d55874
93b4d7141f0235efab12760ea30046e4640c1ea82e336561ff918435b04c1673
95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0
983142f7f74bc016f252894067351b2af7d87a59d31a201376e08f374413eaeb
98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd
a0db2bd28c98bd3023a5f63cd4c4fa1e180bfeb8a220f8ed07ed7cc2a7dc2607
a1060b6dd1609d1165ffc70733edcc780fd8192fd74d229cba17f1fd402a43a4
a18f1f61513a044194cece1b38c0e512126976c8e590f800fe4bd406e697dc57
a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ad24df8561b589323813953f7fd01e7aac1253b8570e78c9c2d07ac6488ea0e4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a
b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
c12cfa76dad0082769ad735fe5a5b69dcffa3336e9e4cb63bfda895e4fef21a9
c21f71fb93604c39def5a250fac08e1c3be61f22270653ea4ee66e02a02d7a53
c25eb9ef13d4c6fc1509e8f478899f196165bdf32f17acb2163cb329820f1c7d
c4785a51adadef034b8274f06cd3ba259f313f67269f1c8f06bb9ce88ae9137a
c67c77e7757e42a7c7a8e394e3a162dc2ea087d2f09afd7a1e39c3660a86c62b
c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c99e18f340da3013a89d08357f05aa510393fdbfc400c364f85439f6f8bcda9f
c9bbc35341f4aeaffb38d9d1a98b84e59eda553ce1faeaba1410006b90df518d
ca0303dc4a18ac8399d388d476e0d7b5a50b6ab027920a74a8cec3277fc10cf2
cb433915db286304dff4f70aff2e32fc4f539f016b7627977fbc62f36d56c86f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6e8632455597e764c74736941b8859a7458b4de5f2294947a4abdf1662751b
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d636b7c6e03c525b4bb0030d0a9d2908fb6e1e51bfbfc0ea0b25fb7b8da50321
d6b539f42e7e926907f2e9e779591c8e0dc65cc762c22f7d6264f61f05d2c5ce
dc85247b4034d72a283958d72065ec4e1b937a3b3572944b948c5cdd12dd6f67
dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44
dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4202fdaa44bd24962e5cc9943e81f3880c07261b70240417755975eff513bcc
e4747850a5b4d1e9920a61fb7f0e247efaae09920c22cc0f0d86ed70fbf2e10f
e4ee215e9c740c7eb984b200253336cbd8c65695492c9d443f4a6e3e256f870d
e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e
eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d
f1c5cc39ece1de53f6288d53ff3847e660425d77debd81a7ac493903d74926be
f204ab420a5067e50cf449c161ca633301e47849248e691863bae78110990e60
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f3136f4f25c2c5336704288233b9b741679092d0105f7f0003a45b9756e7f52b
f443dae9efcdc4c0cfd4960546a25253059320066ec50a7b27bca4c4f96f1040

rinehartfarm.com Open in urlscan Pro 213.226.126.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

340 Requests

89 %HTTPS

0 %IPv6

32 Domains

63 Subdomains

42 IPs

4 Countries

5000 kBTransfer

15193 kBSize

5 Cookies

15 Outgoing links

Page URL History

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rinehartfarm.com Open in urlscan Pro
213.226.126.234 Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

89 %
HTTPS

0 %
IPv6

32
Domains

63
Subdomains

42
IPs

4
Countries

5000 kB
Transfer

15193 kB
Size

5
Cookies

340 HTTP transactions
6 data transactions