www.wpgxfox28.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rgcbv.com/click?redirect=https://www.wpgxfox28.com/&dID=1666618023517&linkName=https://www.wpgxfox28.com/
Effective URL:
https://www.wpgxfox28.com/
Submission: On October 26 via api (October 26th 2022, 1:23:25 am UTC) from SG — Scanned from DE

Summary HTTP 167 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 31 domains to perform 167 HTTP transactions. The main IP is 2606:4700:4400::6812:27f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wpgxfox28.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on March 2nd 2022. Valid for: a year.

This is the only time www.wpgxfox28.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.1.85.239 52.1.85.239	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700:440... 2606:4700:4400::6812:27f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::6812:271c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::6812:2862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2606:4700:440... 2606:4700:4400::ac40:948a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:939e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbd6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.249.253.107 34.249.253.107	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 1	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
167	37

1 52.1.85.239 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-85-239.compute-1.amazonaws.com

rgcbv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:27f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wpgxfox28.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:271c (United States)

ASN13335 (CLOUDFLARENET, US)

ngw-static.franklyinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2862 (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ftpcontent6.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:4400::ac40:948a (United States)

ASN13335 (CLOUDFLARENET, US)

wpgx.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stacker.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prsubmitpresslifestyle.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cntsyncont.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:939e (United States)

ASN13335 (CLOUDFLARENET, US)

content.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:16::b856:fbd6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.253.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-253-107.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.253.64 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	worldnow.com ftpcontent.worldnow.com — Cisco Umbrella Rank: 144531 ftpcontent6.worldnow.com wpgx.images.worldnow.com content.worldnow.com — Cisco Umbrella Rank: 162670 stacker.images.worldnow.com prsubmitpresslifestyle.images.worldnow.com cntsyncont.images.worldnow.com	2 MB
23	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 ad.doubleclick.net — Cisco Umbrella Rank: 185	159 KB
16	googlesyndication.com bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	360 KB
15	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28840	1 MB
12	franklyinc.com ngw-static.franklyinc.com — Cisco Umbrella Rank: 158251	1 MB
10	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29898 ad4m.at — Cisco Umbrella Rank: 9937 assets.ad4m.at — Cisco Umbrella Rank: 38774	146 KB
8	wpgxfox28.com www.wpgxfox28.com	145 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668 www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9427	109 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	120 KB
3	gstatic.com fonts.gstatic.com	75 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	129 KB
3	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 32977 p.cityspark.com — Cisco Umbrella Rank: 22523	30 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	952 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2893	794 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4553	650 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 111868 static-de.ad4mat.net — Cisco Umbrella Rank: 149616	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	31 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 82942	517 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16153	689 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1500	586 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 841	717 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2865	104 B
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 29972	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
1	rgcbv.com 1 redirects rgcbv.com — Cisco Umbrella Rank: 414528	626 B
167	31

	Domain	Requested by
16	wpgx.images.worldnow.com	www.wpgxfox28.com wpgx.images.worldnow.com
15	citysparkstorage.blob.core.windows.net	www.wpgxfox28.com
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.wpgxfox28.com
12	cntsyncont.images.worldnow.com	www.wpgxfox28.com
12	ngw-static.franklyinc.com	www.wpgxfox28.com ngw-static.franklyinc.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.wpgxfox28.com tpc.googlesyndication.com
8	www.wpgxfox28.com	www.wpgxfox28.com ngw-static.franklyinc.com
7	cm.g.doubleclick.net	bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com www.wpgxfox28.com
6	pagead2.googlesyndication.com	www.wpgxfox28.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	ftpcontent.worldnow.com	www.wpgxfox28.com content.worldnow.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wpgxfox28.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	www.wpgxfox28.com as.ad4m.at ad4m.at
4	stacker.images.worldnow.com	www.wpgxfox28.com
3	www.google.com	securepubads.g.doubleclick.net www.wpgxfox28.com tpc.googlesyndication.com
3	www.googletagservices.com	content.worldnow.com securepubads.g.doubleclick.net www.wpgxfox28.com
3	fonts.gstatic.com	fonts.googleapis.com
3	content.worldnow.com	wpgx.images.worldnow.com
2	ad.doubleclick.net	2 redirects
2	assets.ad4m.at	as.ad4m.at
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	cdn.doubleverify.com	securepubads.g.doubleclick.net www.wpgxfox28.com
2	bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	prsubmitpresslifestyle.images.worldnow.com	www.wpgxfox28.com
2	p.cityspark.com	cdn.cityspark.com
2	fonts.googleapis.com	ftpcontent.worldnow.com client
2	www.googletagmanager.com	www.wpgxfox28.com
2	cdnjs.cloudflare.com	www.wpgxfox28.com cdn.cityspark.com
2	maxcdn.bootstrapcdn.com	www.wpgxfox28.com
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	banner.congstar.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
1	prod-rtb.ad4mat.net	www.wpgxfox28.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	csp.azureedge.net	cdn.cityspark.com
1	region1.google-analytics.com	www.googletagmanager.com
1	imasdk.googleapis.com	content.worldnow.com
1	cdn.cityspark.com	www.wpgxfox28.com
1	code.jquery.com	www.wpgxfox28.com
1	ftpcontent6.worldnow.com	www.wpgxfox28.com
1	rgcbv.com	1 redirects
167	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
wpgxfox28.com
portal.cityspark.com
www.grittv.com
publicfiles.fcc.gov
www.aboutads.info
www.franklymedia.com

Subject Issuer	Validity	Valid
www.wpgxfox28.com Cloudflare Inc RSA CA-2	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.worldnow.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.wpgxfox28.com/
Frame ID: 0C0AC7EF1A4652333C955B03976E88F3
Requests: 122 HTTP requests in this frame

Frame: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F46DDCF96F2D1B3C96E4C384BCF6203
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2XEz3RpdJBsN9C7tuIZgRPKxn_N8lr1Q9F_xfr35TJJNVLO6qn5d1iKC9MMUskBeVu9JS0cJdVkPc4TNiDslk2TIfiG0pp70SYBoFNlFMaKQNLCheVAP3wFJddkTGG15sxFgVbdIcUgxAVszJhW_6aw14XGhJ1nkA_5di7ZuzypB_tfPkgF_AeRAYYxTBDOD0XvE3dkmFCJjX9pQzea2Rq_QsuJeJIzb7iQ61z1NWj1s5HCb-zaUo4qZqd5Hr9Xm5Q5Sfwt_ckW2COF6bMqKZ2DJIear7uxhOw4BK9yzYJTF36q_j9Ipw9LSd_ZaX3VX6HYylVjLxuJd2nwvbgDKlO_tQT8htsiMLc9V2KCXN2VPE&sai=AMfl-YQJCJRK-8nR6JgByWwMSuAfgWawCzBFqIKGDm5V6qKQ6Dxdaofyzz8JftZ2bEeaakIVMCkP7LRLoeIVsY4ZTITbPFmuvPuOi3kYF7XvVFIPAp4ouyaaU0xz8n6tsd9HCI0wNg&sig=Cg0ArKJSzDD3A7Mw3an1EAE&uach_m=[UACH]&adurl=
Frame ID: BFD305554ADC8BA52C0FB0F5EAF598DE
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: DD1940F18596B077BDCACABBA595D80B
Requests: 3 HTTP requests in this frame

Frame: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2160D1B0124290E14C0FC6D718AA93E0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CytRSBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSJAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4wpKAF8VFjap5qV-Vd2G0swjKcR6mThehPe05TslFsXGeE2ouuDVLgBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTYwNDIzNzM5NTEyMzc1MDIYr_oW&sigh=rcWcQ2AI4W0&uach_m=[UACH]&cid=CAQSPADq26N9J9FS6bt75Xcx1eFby6kXEUHMzIQZUlEDwU57gLIiyAUPjkV6thkz8HKh5ZW7G01zDRjTmtQkrBgBIBM
Frame ID: 26D8A26159ABEA40F8AFE18B237EE74C
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h1m6ezzd0by2sqj4s1aw5f9vg2d2xqgn3b3ykxtnk74kptvkaywcc2ex57wmgmgbg46091g9jfw6c0mm4ctwqtphzs5rf3ky7zdpgptjtdtbfd2054zed8zvs13nz7aabq27gppd7wzyqf950edfbkwmkxfft99cysm2882sf1rz2ghs6y0vers06164xsy13h6ecrebm4x45d4fn6wpm0hf7wdgfe3hqeb3v0571zah1e7sgnf75bstjfgrhxkv1htn2teah6n7hxrk82nq3xqvjve7z3yz2jqx090v6wcaw1tzzxcbwdpc2sh3sh7fg042pdfgdpavp4ydmkdvb70jwf95yngvbgc665ctnk2jfx6myqf3bjkhz0rm6jvx4x2tc9xvvvsbfhtxeyxhzfsm76ef5ya2xzvshcy8xqe3s2m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%26client%3Dca-pub-6042373951237502%26adurl%3D
Frame ID: 5BD3C17FE2E534932EB3F77C089BBFAA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 220AF5A82C4A149BBDA51C9D947D6558
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B04EBEBF6125B6E36C0717664580F983
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Frame ID: 849026B05127AD1F9631F77D144534E6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2566E06C9B992EC490A8FCE33C3B235
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F872FFE885A61AB1C6932EC37D875B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - WPGX-Fox28 - WPGX - Fox28Arrow LeftArrow Right

Page URL History Show full URLs

https://rgcbv.com/click?redirect=https://www.wpgxfox28.com/&dID=1666618023517&linkName=https:/... HTTP 301
https://www.wpgxfox28.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

96 %
HTTPS

69 %
IPv6

31
Domains

51
Subdomains

37
IPs

8
Countries

6002 kB
Transfer

14587 kB
Size

26
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FOX28WPGX/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/explore/locations/140037995/fox28-wpgx/

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/JOSEY-SCOTT-THE-ORIGINAL-VOICE-OF-SALIVA/10988671/2022-11-05T18
Title: Sat, Nov 05 @6:30pm SponsoredJosey Scott - The Original Voice of SalivaClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/NIGHTRAIN-THE-GUNS-N-ROSES-EXPERIENCE/10829564/2022-11-11T20
Title: Fri, Nov 11 @8:00pm SponsoredNIGHTRAIN - The Guns N' Roses ExperienceClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/DEPARTURE-A-JOURNEY-TRIBUTE/10862683/2022-11-12T20
Title: Sat, Nov 12 @8:00pm SponsoredDeparture: A Journey TributeClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/WEEKLY-501-DART-TOURNAMENT/9765993/2022-10-26T19
Title: Wed, Oct 26 @7:00pmWeekly 501 Dart TournamentLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/EARLY-EDUCATION-CARE-PARENTS-SOCIAL-PROGRAM/10653042/2022-10-26T09
Title: Wed, Oct 26 @9:00amEarly Education & Care Parent's Social ProgramOakland Terrace Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/ASYLUM-POSTERS-BY-ERIN-WRIGHT/10914059/2022-10-26T10
Title: Wed, Oct 26 @10:00amAsylum - Posters by Erin WrightGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/ST-ANDREW-HISTORIC-WALKING-TOURS/11001987/2022-10-26T14
Title: Wed, Oct 26 @2:30pmST. ANDREW HISTORIC WALKING TOURSPANAMA CITY PUBLISHING MUSEUM

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/TROY-UNIVERSITY-VIRTUAL-WORLDWIDE-OPEN-HOUSE/11002233/2022-10-26T00
Title: Wed, Oct 26 @12:00amTroy University Virtual Worldwide Open HouseTroy University

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SUDDUTH-PARK-RIBBON-CUTTING-CEREMONY/11037893/2022-10-26T09
Title: Wed, Oct 26 @9:00amSudduth Park Ribbon Cutting CeremonySudduth Ball Field

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/PAINT-NIGHT-850-AT-SMASHED-WINE-BAR/11048228/2022-10-26T18
Title: Wed, Oct 26 @6:00pmPaint Night 850 at Smashed Wine BarSmashed Wine Bar

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/FREE-CLASS-LINE-DANCING/10954835/2022-10-27T18
Title: Thu, Oct 27 @6:30pmFree Class: Line DancingDaffin Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SENIOR-SIP-PAINT/11037901/2022-10-27T10
Title: Thu, Oct 27 @10:00amSenior Sip & PaintOakland Terrace Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SEXUAL-ASSAULT-AWARENESS/10794434/2022-10-27T12
Title: Thu, Oct 27 @12:30pmSexual Assault AwarenessGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/KARAOKE-WITH-DJ-NATALIE/10373268/2022-10-28T21
Title: Fri, Oct 28 @9:00pmKaraoke with DJ NatalieLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/HOUSE-OF-TERROR-3-HALLOWEEN-HAUNT-NIGHT/10908375/2022-10-28T00
Title: Fri, Oct 28 House of Terror 3 - Halloween Haunt NightPanama City Beach, FL

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/FAMILY-MOVIE-NIGHT/10743106/2022-10-28T19
Title: Fri, Oct 28 @7:00pmFamily Movie NightMcKenzie Park

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/BILLY-DEAN/10456920/2022-10-28T18
Title: Fri, Oct 28 @6:00pmBilly DeanPapa Joes

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/HYATT-PLACE-PCB-MARTIN-LANE/10900833/2022-10-28T18
Title: Fri, Oct 28 @6:00pmHyatt Place - PCB - Martin LaneHyatt Place Panama City Beach / Beachfront

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/TODD-HERENDEEN-TRIBUTE-TO-THE-LEGENDS-SHOW/10214922/2022-10-29T17
Title: Sat, Oct 29 @5:30pmTodd Herendeen Tribute to the Legends ShowTodd Herendeen Theatre

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/STICKY-TEA/10032512/2022-10-29T18
Title: Sat, Oct 29 @6:00pmSticky TeaPapa Joes

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SUNDAY-POOL-TOURNAMENT/10203554/2022-10-30T16
Title: Sun, Oct 30 @4:00pmSunday Pool TournamentLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/THAI-TASTE-FOOD-TRUCK/10528767/2022-10-30T13
Title: Sun, Oct 30 @1:00pmThai taste food truckLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/GUIDED-NATURE-HIKE/10700248/2022-11-03T10
Title: Thu, Nov 03 @10:00amGuided Nature HikeCamp Helen State Park

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/
Title: See All Events

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/wpgx
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://www.grittv.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/f4b156ea-c928-f9a6-ba22-df643d46b5e0/f87646e8-978d-4c35-86b4-bd31e4ee10ca.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WPGX
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.franklymedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rgcbv.com/click?redirect=https://www.wpgxfox28.com/&dID=1666618023517&linkName=https://www.wpgxfox28.com/ HTTP 301
https://www.wpgxfox28.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://um.simpli.fi/gp_match?google_gid=CAESEDycYJB6qiDqjp1sbq25G_s&google_cver=1&google_push=AZmPxg8EXrFopyjOrjKiU2hLzz5rsdZ6amHMdzL8G9o0i3JE0xIrs6yR6es5gnhWFXjZqmJ03ij3ZGYgVUSW_9pRCUlBxUJ3jrPNqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB0BA8D7FB76403EAC33ADE24B1C808A&google_push=AZmPxg8EXrFopyjOrjKiU2hLzz5rsdZ6amHMdzL8G9o0i3JE0xIrs6yR6es5gnhWFXjZqmJ03ij3ZGYgVUSW_9pRCUlBxUJ3jrPNqw

Request Chain 130

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFG7_FYvOuBO2blP_Thu2cs&google_cver=1&google_push=AZmPxg9mOV3UXuIpnZgJa9u84WQ3w1Je_FKM_pflG_U-V6nD0Pnya1gBUwer3EtoJCV_3_RGzgC015EpbcTvv_7KPSfFr5lNqJNi1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1ODYyNTU2OTQwMjI1NTUwMw%3D%3D&google_push=AZmPxg9mOV3UXuIpnZgJa9u84WQ3w1Je_FKM_pflG_U-V6nD0Pnya1gBUwer3EtoJCV_3_RGzgC015EpbcTvv_7KPSfFr5lNqJNi1g

Request Chain 131

https://d5p.de17a.com/cookies/google?google_gid=CAESEBlGPBnFbPPUkX0oJIlWe_g&google_cver=1&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355DiERzgQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBlGPBnFbPPUkX0oJIlWe_g&google_cver=1&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355DiERzgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355DiERzgQ

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_cver=1&google_push=AZmPxg-AmXZaDb6Cp0R75Gyki1DAgf2Qt8AFBAKtLcMJjrToOBwI57YXaw729o4SQ5SH9FyjlkKc3qduIakkIBn0x_xXSAHDnhXq HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_push=AZmPxg-AmXZaDb6Cp0R75Gyki1DAgf2Qt8AFBAKtLcMJjrToOBwI57YXaw729o4SQ5SH9FyjlkKc3qduIakkIBn0x_xXSAHDnhXq&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_hm=Y1iMByMrMWt_dztc19ePhgAABH8AAAIB&google_nid=index&google_push=AZmPxg-AmXZaDb6Cp0R75Gyki1DAgf2Qt8AFBAKtLcMJjrToOBwI57YXaw729o4SQ5SH9FyjlkKc3qduIakkIBn0x_xXSAHDnhXq

Request Chain 133

https://match.360yield.com/match/ebda?google_gid=CAESEM3KrQRShr9oQ9qnOmDMkmY&google_cver=1&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8ouq63sk-AzqQDqA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM3KrQRShr9oQ9qnOmDMkmY&google_cver=1&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8ouq63sk-AzqQDqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5ovp9BmzQuacE_M4FqpsUQ&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8ouq63sk-AzqQDqA

Request Chain 134

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPjqRt9-mtqMOc5ID3V4BNI&google_cver=1&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLfeliw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLfeliw&google_gid=CAESEPjqRt9-mtqMOc5ID3V4BNI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzUyMzA2Njg2Mzk4NTY3OTMyNTc3&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLfeliw

Request Chain 144

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIuAtfXd_PoCFUrBuwgdLA8LLw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666747399_c661c070-54cc-11ed-9f2f-2266c0ccb091

167 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wpgxfox28.com/
Redirect Chain

https://rgcbv.com/click?redirect=https://www.wpgxfox28.com/&dID=1666618023517&linkName=https://www.wpgxfox28.com/
https://www.wpgxfox28.com/

1 MB
134 KB

228ms
141ms

Document
text/html

2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6faad5938d180e05d24318e2556daf0e0dd35273b3e991daaad7265478969a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=120
cf-cache-status: HIT
cf-ray: 75ff62bcfa239bfb-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 01:23:16 GMT
expires: Wed, 26 Oct 2022 01:25:16 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-response-time: 96ms
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, XMLHttpRequest, x-csrf-token
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Oct 2022 01:23:16 GMT
Location: https://www.wpgxfox28.com/
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.3.15
X-XSS-Protection: 1; mode=block
expires: -1
pragma: no-cache

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 68ms
25ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 21034508
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff62be3b319b4b-FRA
cdn-requestpullsuccess: True

GET
H2 200 app-880153a8c78c9ac87b50.css
ngw-static.franklyinc.com/assets/10763/ 306 KB
49 KB 198ms
30ms Stylesheet
text/css 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 572A5GENXQFR4J4N
age: 2509
etag: W/"e58a5be0290fe66e326bf427d75c83fe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff62befccc68fb-FRA
x-amz-id-2: HrhZdW0xvFnyvhu6q1GyiCPuk15P5ZaNDq8XVFTmM5YyZMvd9hmgt3UAim6/2tkvz8w3xVwI/hw=
expires: Thu, 26 Oct 2023 01:23:16 GMT

GET
H2 200 custom-global-breaking-template.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 6 KB
2 KB 195ms
28ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 13:40:44 GMT
server: cloudflare
x-amz-request-id: 4PRKD2KRDC45M7R2
age: 59
etag: W/"4b357b45b8d5b6f57aefc58b78723684"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff62bef9ca5c62-FRA
x-amz-id-2: XUxX7mfJIzaym+hW1DIFoiBqQ3n7kWIDW6t7YSN68jbrfYWyVpcTKACPoX2snBUwUkmvfEJD+lk=
expires: Wed, 26 Oct 2022 01:28:16 GMT

GET
H2 200 logo.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 3 KB
1 KB 194ms
27ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 19:27:28 GMT
server: cloudflare
x-amz-request-id: TYKE0GJREMYR9VHS
age: 59
etag: W/"498e7c8c50bbb38d5b281f7ad6edd08c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff62bef9cd5c62-FRA
x-amz-id-2: CDEy7a5l9Z/DXGsunJHvvlYYTeMu6SNm9GMRAbpBPlvpcrJcwMbXmUB6JDa/hSEYJ4lymzdIDvw=
expires: Wed, 26 Oct 2022 01:28:16 GMT

GET
H2 403 Derrick.css
ftpcontent6.worldnow.com/wrde/ 0
0 188ms
21ms Stylesheet
text/html 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 wrde_ngw.css
ftpcontent.worldnow.com/professionalservices/clients/wrde/ 5 KB
2 KB 210ms
43ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jul 2020 14:00:46 GMT
server: cloudflare
x-amz-request-id: JQ60H0VPB4SZ8D12
age: 59
etag: W/"8d5d25c637f71dec04c5a416682b6a1a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff62bef9ce5c62-FRA
x-amz-id-2: dyIrnrtPEedvaM1zfAsG0X1a/6kyM38FRj2qWSGDhcE+i4whg/yVLoZ4Ktead+GZRWmZUozxpl8=
expires: Wed, 26 Oct 2022 01:28:16 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 189ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1666747396.dop051.fr8.t,1666747396.cds276.fr8.hn,1666747396.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 72ms
30ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 25258909
cdn-cachedat: 11/05/2021 16:36:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bfa40aed2fbee600eecd4f43bc8c0656
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff62be3b349b4b-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 13 KB
5 KB 56ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1544895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4430
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-349a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff62c0ff4f913a-FRA
expires: Mon, 16 Oct 2023 01:23:17 GMT

GET
H2 200 WNVideo.js Show response
wpgx.images.worldnow.com/interface/js/ 2 KB
1 KB 212ms
46ms Script
application/javascript 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607fb035cd784740222458bcb31a47cdc7a2031cd8029d7c827d34ca92cc45c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jan 2020 11:52:00 GMT
server: cloudflare
age: 19
x-amz-request-id: 6Z0M743FJBKRVE4F
etag: W/"de080488d59236a814a1bdb6ac4fa03e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff62befe235caa-FRA
x-amz-id-2: umh2XmKslCChUo0GGB3QGLOHHhzitIyUPSH6jwM/Gxu2bOAKxeYC0VixQpm2dniCJoolJaCsar0=
expires: Wed, 26 Oct 2022 05:23:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 73ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L9W7PFFC9X

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

299cb162a3fb6c1db80bcfff3ccadde34e9e50d2ae13025c1917f62b1ca05e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 01:23:17 GMT

GET
H2 200 19479465_G.png
wpgx.images.worldnow.com/images/ 302 B
487 B 34ms
32ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479465_G.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 302
cf-resized: internal=ok/h q=0 n=6 c=1 v=2022.9.7 l=302
last-modified: Tue, 09 Jun 2020 17:04:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfudRiID9HZPpqAadNHuqGmA:914cc4da7fcd377c33ea25b5d22256d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c239db5caa-FRA

GET
H2 200 19479460_G.jpeg
wpgx.images.worldnow.com/images/ 11 KB
11 KB 32ms
30ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479460_G.jpeg

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11269
cf-resized: internal=ok/h q=0 n=6 c=0+19 v=2022.10.3 l=11269
last-modified: Tue, 09 Jun 2020 17:58:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf7tgFhPuSNiUXYpyHvrpWpw:e94adaf046579cda47b24541deb31cbe"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c239dc5caa-FRA

GET
H2 200 19479467_G.png
wpgx.images.worldnow.com/images/ 6 KB
6 KB 33ms
31ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479467_G.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5742
cf-resized: internal=ok/h q=0 n=15 c=0+8 v=2022.10.3 l=5742
last-modified: Tue, 09 Jun 2020 17:12:34 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfWVhWyVmVBPe5A455fSQTtQ:ede722c2a1893f8f3917828a7cbcd94a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c239dd5caa-FRA

GET
H2 200 email-decode.min.js Show response
www.wpgxfox28.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 23ms
22ms Script
application/javascript 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75ff62bf7ce79bfb-FRA
expires: Fri, 28 Oct 2022 01:23:17 GMT

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 129ms
25ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC27) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 351646
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (amc/BC27)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 25fcdf5c-701e-00d7-3ea6-e5a938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 app-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 4 MB
1 MB 35ms
35ms Script
application/javascript 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: NPNVAF57W19CE3VX
age: 2510
etag: W/"44626e575a5558bfc9f91d067b4272e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff62bf9d6a68fb-FRA
x-amz-id-2: GPmy52xBLNc09P/6QbqKKS2mRr6A2rcouTt7G1KG3JA7JA1+8M/8Nc3Y75GNljI3puO9JxKi+i4=
expires: Thu, 26 Oct 2023 01:23:17 GMT

GET
H2 200 ccpa.js Show response
ftpcontent.worldnow.com/professionalservices/globalcss/ 1 KB
784 B 32ms
32ms Script
application/javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 18:52:15 GMT
server: cloudflare
x-amz-request-id: 198R75XT5JT33DRC
age: 20
etag: W/"0ee412381eea4aba59e8a80ef1b33cb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75ff62bfaa515c62-FRA
x-amz-id-2: /iQgidryOrvVtJjI1/Swx+9OVfdjTD6O3nFF+grD/z8uLm9pdQrhvehg2aa3qFFYAJ48MMoBvTQ=
expires: Wed, 26 Oct 2022 01:28:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 75ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ftpcontent.worldnow.com
URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ftpcontent.worldnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 23:39:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:23:17 GMT

GET
H2 200 off-platform.min.css
content.worldnow.com/global/css/_pub/ 89 KB
27 KB 97ms
33ms Stylesheet
text/css 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM02
server: cloudflare
age: 44185
etag: "0297a4baad2d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c01cfc6977-FRA
content-length: 27881
expires: Wed, 26 Oct 2022 05:23:17 GMT

GET
H2 200 wpgx.config.js Show response
content.worldnow.com/global/js/_pub/ 12 KB
4 KB 124ms
61ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 16:12:54 GMT
wn: IISCOM01
server: cloudflare
age: 44228
etag: W/"0c7fc894caad71:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff62c01cfe6977-FRA
expires: Wed, 26 Oct 2022 05:23:17 GMT

GET
H2 200 wnaffiliateconfig.js Show response
wpgx.images.worldnow.com/interface/js/ 39 KB
7 KB 41ms
41ms Script
application/x-javascript 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wpgx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784cf734171b1a5c9adb298caeeaf3a4f254e6811a9ee3d52489604e4c8e9222

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 14:36:50 GMT
server: cloudflare
age: 20
x-amz-request-id: MZXXSV9FYZMPSHR5
etag: W/"f9ddd498d435ef391a37dc11d1773590"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff62bfbfd75caa-FRA
x-amz-id-2: Gt+2DFw2jIEMoT6aLWThPTmejaNVVYjzQoOjJx8SJarJ1FuwYlnefJ5UOBstZG5TdyFxRN+NHtg=
expires: Wed, 26 Oct 2022 05:23:17 GMT

GET
H2 200 off-platform.min.js Show response
content.worldnow.com/global/js/_pub/ 2 MB
474 KB 107ms
44ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM01
server: cloudflare
age: 44120
etag: W/"0297a4baad2d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff62c01d006977-FRA
expires: Wed, 26 Oct 2022 05:23:17 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:23:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec25e446c06cec80c5406b4e62ddc1173f1b8496397ee986a254e5e5642b15eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53809
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 01:23:17 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10763/ 75 KB
76 KB 257ms
222ms Font
font/woff2 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/2iO5YNY.woff2
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
cf-cache-status: HIT
x-amz-request-id: 3GXW8ZQ0HCX2HK2S
content-length: 77160
x-amz-id-2: +jVrh9aSLCHmom4KfWNG34zPkvqUfJO6MQpyNb2jId5yBsKNS98v4gk70EuB0w2IMklCfjwYK+M=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c27d5f9213-FRA
expires: Thu, 26 Oct 2023 01:23:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 56ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 117505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 59ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 15559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

GET
H2 200 3A8MZF4.png
ngw-static.franklyinc.com/assets/10763/ 145 B
352 B 28ms
27ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3A8MZF4.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
cf-cache-status: HIT
x-amz-request-id: SMJSVR4RNS8H0Y5Z
age: 4
content-length: 145
x-amz-id-2: nrdiUQKjiI/m6xgi0byjhFERBUFz8hdDNT0b8VQQj7DR3ud5hupF59nW8tOmoAgFOJEpQRd0ppc=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "3a5fb08143e931aded1e59fa39c3d8ca"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c2581c68fb-FRA
expires: Thu, 26 Oct 2023 01:23:17 GMT

GET
H2 200 3sX1XaI.png
ngw-static.franklyinc.com/assets/10763/ 302 B
473 B 28ms
28ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3sX1XaI.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
cf-cache-status: HIT
x-amz-request-id: WG6XQYE6RSV04GDA
age: 4
content-length: 302
x-amz-id-2: Y+oowV0pZeOgXsyu5xjsQMs/ZIk2RHl6k5hr9APX2ByPGt72xZkBQPGgBNFh/o4WBgUZnDTkGmM=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "21eed4c20a1e748a1637cf53696520c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c2581f68fb-FRA
expires: Thu, 26 Oct 2023 01:23:17 GMT

GET
H2 200 4-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 145 B
318 B 27ms
27ms Script
application/javascript 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/4-a708c222c663fd6ca8a3.js
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 2X6WG17SSX6D2GMY
age: 1691
etag: W/"c0729cee8a75fb948963d73ab873a79b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff62c399c668fb-FRA
x-amz-id-2: cv8YcQUVQ4w5EHXKYtIucydRREmd2zr1XZwp9IDhl9kI+WFKiJFdHB/94OVYt6h2yV2SAk1dyb0=
expires: Thu, 26 Oct 2023 01:23:17 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ff59ff6b3c6226cb21ae31fc508b7e1916f3037f44f485d895b30def5e92b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27324
x-xss-protection: 0
server: sffe
etag: "1374 / 197 of 1000 / last-modified: 1666735775"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 01:23:17 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 61ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L9W7PFFC9X&gtm=2oeao0&_p=1499452031&cid=2143928551.1666747398&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666747397&sct=1&seg=0&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dt=WPGX%20-%20Fox28&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L9W7PFFC9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 47 KB
14 KB 544ms
176ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9921&callback=jsonp1666747971596
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 66a996171ae9eb153040fb9bfaae96ec6f14b16d72d4390d95adbea8c31b4931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:23:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 videojs.ima.1.5.1-3.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 85 KB
17 KB 44ms
43ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: NZRM4483RH69D0GG
age: 59
x-amz-id-2: K1KNONMHA6wmypKnO+cPJlWAei5WVCId/wdzgtGXujgCDWfhJlFMWgjWdRRx/Slmxkj/odg2mrU=
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
etag: W/"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff62c429885c62-FRA
expires: Wed, 26 Oct 2022 01:28:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
15ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 01:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1279
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 03:01:58 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/routes[0].body[1].cols[1].components[0],/ 56 KB
7 KB 146ms
146ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/routes[0].body[1].cols[1].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1858a131216bb91b3cdafb167295cf5b555eb4f2e2cfcffdbdd0ee47f5878b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 6617
x-xss-protection: 1; mode=block
x-response-time: 106ms
server: cloudflare
etag: W/"e178-1bVNaSYw/paFFHzUoYZUsg5Go1E"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff62c5bc7e9bfb-FRA
expires: Wed, 26 Oct 2022 01:26:18 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/ 854 B
567 B 160ms
159ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734c0ba074ffcf4bd3e7d10f27abf07bd4ed00b8c9d2c245cf1420df1dbfbad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 465
x-xss-protection: 1; mode=block
x-response-time: 88ms
server: cloudflare
etag: W/"356-pnfte0XxREDP0KJs1SUXDyg/NFM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff62c5cca09bfb-FRA
expires: Wed, 26 Oct 2022 01:26:18 GMT

GET
H2 200 19469665_G.jpg
wpgx.images.worldnow.com/images/ 10 KB
10 KB 133ms
131ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19469665_G.jpg?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180f707c73f1687a2da87466d7497c011fceaec6bca87a884eb9077e1b63465f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10057
cf-resized: internal=ok/h q=0 n=22 c=2+26 v=2022.10.4 l=10057
last-modified: Fri, 05 Jun 2020 14:05:01 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQZeLdB42AVWBONlySX7VpQ:ac14a8ca3f744097b2c95d8b4513b4d4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5df295caa-FRA

GET
H2 200 19479410_G.png
wpgx.images.worldnow.com/images/ 452 KB
453 KB 33ms
31ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479410_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865d512b0631d33b932cc8a563cb738bcddab918ef1d66057bbbab948e7e33fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 463273
cf-resized: internal=ok/h q=0 n=21 c=161 v=2022.5.3 l=463273
last-modified: Tue, 09 Jun 2020 16:42:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf2B3sDozGfvrPwxk9ZvyS0w:7abf5cdf363221b3d278ec7ee87b4195"
vary: Accept, Accept-Encoding
warning: cf-images 299 "Format 'auto' ignored"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ef2c5caa-FRA

GET
H2 200 23544118_G.jpg
stacker.images.worldnow.com/images/ 5 KB
5 KB 64ms
43ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23544118_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666638602000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 4757
cf-resized: internal=ok/m q=0 n=89 c=3+15 v=2022.10.4 l=4757
last-modified: Mon, 24 Oct 2022 23:10:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0cukACYdowFpMf7eFJKr2w:cbdc4aa9bf6c123a6f765b53e3b21bf4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ff475caa-FRA

GET
H2 200 23535717_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 65ms
44ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23535717_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666366693000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16557
cf-resized: internal=ok/h q=0 n=41 c=68+86 v=2022.10.4 l=16557
last-modified: Fri, 21 Oct 2022 19:38:14 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfSrOfD8OJYofZplFf9qNJog:93fa08b38e1552714c8aceab6fb55489"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c60f485caa-FRA

GET
H2 200 23521831_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 5 KB
6 KB 49ms
37ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23521831_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666184022000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5526
cf-resized: internal=ok/h q=0 n=16 c=20+43 v=2022.10.4 l=5526
last-modified: Wed, 19 Oct 2022 16:53:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfon1frnZmrn7l6OAn0CT9bA:168ac186cdf747f0126f0f3cb5ab5c5a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ff395caa-FRA

GET
H2 200 23544648_G.png
cntsyncont.images.worldnow.com/images/ 17 KB
17 KB 48ms
37ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23544648_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666665299000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17435
cf-resized: internal=ok/r q=0 n=58 c=9+37 v=2022.10.4 l=17435
last-modified: Tue, 25 Oct 2022 06:35:01 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfmlSA0QMXQQ-5qNtfkg2BPw:c6d3858b98ebb0ee4ac9425ba2679d78"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ff355caa-FRA

GET
H2 200 23536586_G.jpg
cntsyncont.images.worldnow.com/images/ 5 KB
5 KB 48ms
37ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536586_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398869000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5303
cf-resized: internal=ok/h q=0 n=7 c=8+16 v=2022.10.4 l=5303
last-modified: Sat, 22 Oct 2022 04:34:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2LFFhWyHgJ5snIxwnE3UbA:7ac48e8abecaa038cf18299156ee229f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ff385caa-FRA

GET
H2 200 23523184_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 64ms
53ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523184_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222385000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5835
cf-resized: internal=ok/h q=0 n=24 c=8+14 v=2022.10.4 l=5835
last-modified: Thu, 20 Oct 2022 03:33:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ9BPHPHgNrAsWnWX4LWOng:b2c2c149e547d11af91a460af1bf2d50"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ff375caa-FRA

GET
H2 200 19479532_G.jpg
wpgx.images.worldnow.com/images/ 10 KB
10 KB 140ms
139ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479532_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10183
cf-resized: internal=ok/h q=0 n=5 c=21 v=2022.9.7 l=10183
last-modified: Tue, 09 Jun 2020 17:31:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cflewqR2tbqOQFqX-MrlzVdA:e9d429ee90f3d05de4962461e425af56"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c5ef2d5caa-FRA

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 47 KB
14 KB 414ms
173ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9921&callback=jsonp1666747486644
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 87877c3fdbc67431e502b0db54a04d76b5f8de82a4eaa87f55674a3aa6168a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:23:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 can-autoplay.3.0.0-1.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 8 KB
2 KB 28ms
28ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: B8AM9CYMRAH9Y9DD
age: 59
x-amz-id-2: eca6aPQw7rl4nGiE2lh2Pmy+6eNnuCoUXMZmOvj3lME9nVr7De4z5SUsNTHJ/45EZ+xoCt2xGD0=
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
etag: W/"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff62c5ebd45c62-FRA
expires: Wed, 26 Oct 2022 01:28:18 GMT

GET
H2 200 pubads_impl_2022102401.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130586
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 08:37:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 09:28:31 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
718 B 64ms
27ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wpgxfox28.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d276300072ba9ba3c91c2af4c51b1035dd957da6f6545a94eaf713b67996b47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:23:18 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 48ms
15ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 02:12:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 89ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82494642-223&cid=2143928551.1666747398&jid=1934908616&gjid=1889887525&_gid=492169997.1666747398&_u=aChAgUAjAAAAAEACM~&z=873860463

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 01:23:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1499452031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WPGX-Fox28%20-%20WPGX%20-%20Fox28&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAAAAAACM~&jid=1934908616&gjid=1889887525&cid=2143928551.1666747398&tid=UA-82494642-223&_gid=492169997.1666747398&gtm=2wgao0WV2QLD&cg1=Homepage&cg2=null&cg3=null&cg4=wpgx&cd1=Lockwood%20Broadcast%20Group&cd2=GTM-WV2QLD&cd3=59&cd4=&cd5=&cd7=1666747397777&cd8=1666747397777.cqbhqbt&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&cd11=1417&cd12=wpgx&cd13=150&cd22=Homepage&cd32=ResponsiveWeb&z=1885878764

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 20:30:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 97ms
24ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
24ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 753 B
435 B 604ms
572ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=2055273428364298&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=3685865167&sfv=1-0-38&prev_scp=wnsz%3D124&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398206&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=1382&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c75ed3445dc651b309ab4c0956bcd9fcbc3353d685ce76d9e925fc15dc9fd4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
362 B 780ms
749ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=2055273428364298&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=3379187505&sfv=1-0-38&prev_scp=wnsz%3D41&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398213&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=84&adys=175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1432x0&msz=1432x0&fws=0&ohw=0&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16e3c51fd94d2e7a8b03ab2f6cef4ceffe738c0020a19648535ee2bd6479c9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 273ms
241ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=2055273428364298&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&adks=3909097108&sfv=1-0-38&prev_scp=wnsz%3D246&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398215&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=84&adys=876&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1072x20&msz=1072x0&fws=0&ohw=0&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49fb1b41a55d8a54f546502d1990558fdec7d22f4a551c386c9ce1c059c8f6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13459
x-xss-protection: 0
google-lineitem-id: 6084843041
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400723574
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 641 B
366 B 1500ms
1469ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=2055273428364298&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=1302924173&sfv=1-0-38&prev_scp=wnsz%3D43&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398218&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=1164&adys=329&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50fe076b4a51c3307b7b88dd25fbdb3e4fc1fb0118f353f9edfe2ea73b33257d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 641 B
366 B 1269ms
1238ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=2055273428364298&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C300x250&ifi=5&adks=578825613&sfv=1-0-38&prev_scp=wnsz%3D52&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398220&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=1164&adys=669&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edaeb4ebf21c6cafb34661054ce8a3603eb51fa0b207305c4ae7592f8f98793d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
359 B 431ms
400ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=2055273428364298&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&adks=2761786973&sfv=1-0-38&prev_scp=wnsz%3D346&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398222&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=84&adys=2176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1072x0&msz=1072x0&fws=0&ohw=0&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4433dfc74edabc0149be97a7ae6f3e5d81c4ac424504c64478296e49bc561e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F46 6 KB
4 KB 94ms
23ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:23:18 GMT
expires: Thu, 26 Oct 2023 01:23:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 854 B
533 B 188ms
188ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32401

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734c0ba074ffcf4bd3e7d10f27abf07bd4ed00b8c9d2c245cf1420df1dbfbad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 465
x-xss-protection: 1; mode=block
x-response-time: 31ms
server: cloudflare
etag: W/"356-pnfte0XxREDP0KJs1SUXDyg/NFM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff62c72fdb9bfb-FRA
expires: Wed, 26 Oct 2022 01:26:18 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 855 B
566 B 136ms
136ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32403

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bc3f3a80e8e41ab016933c5070ef6e94dadc39d0f41abb1e2c0899f3cd93fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 463
x-xss-protection: 1; mode=block
x-response-time: 458ms
server: cloudflare
etag: W/"357-592B3qu4f4LrXER2LWfaA76QP7Q"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff62c72fde9bfb-FRA
expires: Wed, 26 Oct 2022 01:26:18 GMT

GET
H2 200 27_mostlycloudy_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
3 KB 32ms
30ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/27_mostlycloudy_night.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
cf-cache-status: HIT
x-amz-request-id: FF888945TZKXGH5X
age: 2167
content-length: 2470
x-amz-id-2: deCDKtnRQjOyHhi62REHNPSTm1XI5b6Zeg/GMJhif5w4lnaYxRVdFZ9eQbq6alcsGGJynhMD06o=
last-modified: Tue, 03 Mar 2020 16:10:12 GMT
server: cloudflare
etag: "c7510f3ec8473a041c7d6030355ac287"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c72d9a68fb-FRA
expires: Wed, 26 Oct 2022 05:23:18 GMT

GET
H2 200 1HxTVSN.png
ngw-static.franklyinc.com/assets/10763/ 262 B
502 B 29ms
29ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/1HxTVSN.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3C42FJ7B67KJ6S
age: 4
content-length: 262
x-amz-id-2: RAu3cGvazSuqPlERVlGJsvxzzGQXHsGCEyRrSn0nvvqjle0mhNzILekE+LFodM2ETRLVdptTkkw=
last-modified: Tue, 05 Apr 2022 19:24:06 GMT
server: cloudflare
etag: "b3275baf43d3a9e28ba8e1856b5b342e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c72d9c68fb-FRA
expires: Thu, 26 Oct 2023 01:23:18 GMT

GET
H2 200 qX7G0Ix.png
ngw-static.franklyinc.com/assets/10763/ 267 B
490 B 33ms
32ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/qX7G0Ix.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3F5YE4ZMKDFYJX
age: 4
content-length: 267
x-amz-id-2: EizK6kXcnV0q4QzB8LAh2R/VU+zlvtWe2LMX3A/bnJ3jwHMopQJFz6g42NqrGGwDD8zA8VNSpiY=
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
etag: "7c93283255679646ceb48b0a09e528ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c72d9d68fb-FRA
expires: Thu, 26 Oct 2023 01:23:18 GMT

GET
H2 200 ENmisP2.png
ngw-static.franklyinc.com/assets/10763/ 262 B
430 B 30ms
29ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/ENmisP2.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
cf-cache-status: HIT
x-amz-request-id: 5H37Y6HM7RTNJQ11
age: 4
content-length: 262
x-amz-id-2: 3FJXyJR8yD7pZPTsXLUaQRtkdCC+zDGM0DENzIjne3CcFn2EJDGR1zRF+Eoyht3iSP8UJDuuhY8=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "2181a1a027aad6f2c0a77442ffe37662"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c72d9e68fb-FRA
expires: Thu, 26 Oct 2023 01:23:18 GMT

GET
H2 200 2LRxrU9.png
ngw-static.franklyinc.com/assets/10763/ 267 B
463 B 30ms
30ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/2LRxrU9.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
cf-cache-status: HIT
x-amz-request-id: S69J9GAPZ0CWZJB8
age: 4
content-length: 267
x-amz-id-2: 8yj2EmKgYGiBTvwJtu97xW54n584Vj/aodw4rxoxPU0IFFS8EAFlkW+uDxHCVT+AxUBOZ9BCgtU=
last-modified: Tue, 05 Apr 2022 19:24:07 GMT
server: cloudflare
etag: "3539134c74c2fa207b851387b14bf8db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff62c72da068fb-FRA
expires: Thu, 26 Oct 2023 01:23:18 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 132ms
27ms Script
application/javascript 2a02:26f0:1700:16::b856:fbd6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbd6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 200 19733943_G.jpg
wpgx.images.worldnow.com/images/ 7 KB
8 KB 46ms
44ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19733943_G.jpg?auto=webp&disable=upscale&width=180

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99171489f4050fea6a4c2440c9d0337f8ae8b2bedb7116587687621d85d7261

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7429
cf-resized: internal=ok/h q=0 n=8 c=0+7 v=2022.10.4 l=7429
last-modified: Fri, 17 Jul 2020 13:21:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfmYfVqSzcBOhU94WJ1kJq2Q:c686b109d4ccfcc5ff29e506b8c7be00"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ad15caa-FRA

GET
H2 200 23538527_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 47ms
46ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538527_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492378000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7925
cf-resized: internal=ok/r q=0 n=49 c=4+16 v=2022.10.4 l=7925
last-modified: Sun, 23 Oct 2022 06:32:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ_UGDutcYHj9sD2OctrBFQ:3735f9c74f0aa70c7cc6eecd73299060"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ad35caa-FRA

GET
H2 200 23536579_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 44ms
42ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536579_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398803000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8261
cf-resized: internal=ok/h q=0 n=57 c=33+29 v=2022.10.4 l=8261
last-modified: Sat, 22 Oct 2022 04:33:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1ABno7LG6Qr_JeP26kPOFw:7a1752c7bd1d57fe09ae93db6b958529"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ad55caa-FRA

GET
H2 200 23522285_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 41ms
40ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522285_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666195627000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16690
cf-resized: internal=ok/h q=0 n=27 c=7+42 v=2022.10.4 l=16690
last-modified: Wed, 19 Oct 2022 20:07:09 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfqnnKfSXPbaZ3ZNp7zJULGA:10c7a9722e59986b3c276aaf52070a55"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ad85caa-FRA

GET
H2 200 23538179_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 3 KB
3 KB 37ms
36ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23538179_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666483844000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2982
cf-resized: internal=ok/h q=0 n=21 c=0+7 v=2022.10.4 l=2982
last-modified: Sun, 23 Oct 2022 04:10:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4R9LQ5AS8QKZciMw8KCd5g:debdd5a5a82a34479fa2e0bc61fa293a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ad95caa-FRA

GET
H2 200 23542395_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
7 KB 83ms
82ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23542395_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666607710000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6643
cf-resized: internal=ok/h q=0 n=14 c=8+33 v=2022.10.4 l=6643
last-modified: Mon, 24 Oct 2022 14:35:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfEknHVv2yFvHvZ81xMXuaHg:81c46f16217054073f3a98e771975693"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ada5caa-FRA

GET
H2 200 23499493_G.jpg
cntsyncont.images.worldnow.com/images/ 9 KB
9 KB 37ms
36ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23499493_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665797531000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9362
cf-resized: internal=ok/r q=0 n=56 c=10+17 v=2022.10.4 l=9362
last-modified: Sat, 15 Oct 2022 05:32:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfprW84uaruG_N6C6EyJ11_A:cdaf8cf9639796b81112c0342c38b503"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83adb5caa-FRA

GET
H2 200 23498073_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 36ms
35ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23498073_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665747135000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7340
cf-resized: internal=ok/h q=0 n=32 c=17+22 v=2022.10.4 l=7340
last-modified: Fri, 14 Oct 2022 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSoNXPw48_6-id_E4wAAVAg:1e1f8085f5e6f7827db91f1eaa0453f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83add5caa-FRA

GET
H2 200 23485935_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 42ms
42ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23485935_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665624698000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8024
cf-resized: internal=ok/r q=0 n=17 c=19+22 v=2022.10.3 l=8024
last-modified: Thu, 13 Oct 2022 05:31:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkJbhmwlGYa8rFfywoAQS3A:d4a1bf597d0d1fc965c42753151f335c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62c83ade5caa-FRA

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 61ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 23:39:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:23:18 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 90ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36655742-6&cid=2143928551.1666747398&jid=1850468018&gjid=1779249443&_gid=457417177.1666747398&_u=aCHAgAgBCAAAAEAEIAB~&z=197659679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 01:23:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1499452031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dp=%2Fwidget%2Fwpgx%2F9921%2FUpcoming%20Events%2F2a3128a5934a6114a6117a%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WPGX-Fox28%20-%20WPGX%20-%20Fox28&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHAgAgBCAAAAAAEIAB~&jid=1850468018&gjid=1779249443&cid=2143928551.1666747398&tid=UA-36655742-6&sf=5&_gid=457417177.1666747398&z=1356552964

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 20:30:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
938 B 43ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1721192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff62c8b8aabbb9-FRA
expires: Mon, 16 Oct 2023 01:23:18 GMT

GET
H/1.1 200
OK 5AZPjXSH6UyWjNutGcgQhg.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 223 KB
223 KB 679ms
166ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5AZPjXSH6UyWjNutGcgQhg.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9ddf568f70123e07d50cb4bb2fd5f687c105e6cb814a8914cfbdfd736ab73f12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Sat, 08 Oct 2022 20:08:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: bqZ62cqYakeDMvgOH+fGqA==
ETag: 0x8DAA968E55EA2AD
Content-Type: application/octet-stream
x-ms-request-id: eb4e2bec-101e-007a-0dd9-e820f1000000
x-ms-version: 2009-09-19
Content-Length: 228281

GET
H/1.1 200
OK Hotn_cDH4E22YaA4Rj5Yfw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 312 KB
312 KB 729ms
207ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/Hotn_cDH4E22YaA4Rj5Yfw.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9269e1d00da11f333cedf8d2a21a22c6475e377ae0bb2f03d99b94a2e1cded2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Mon, 05 Sep 2022 22:27:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uMduQJ8tYHVhkT9z6oo62A==
ETag: 0x8DA8F8DD6BA05C5
Content-Type: application/octet-stream
x-ms-request-id: 703fe132-c01e-0079-55d9-e8c195000000
x-ms-version: 2009-09-19
Content-Length: 319428

GET
H/1.1 200
OK 073a29d5-8362-43ec-99db-4e3f1dbdfcfb.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 35 KB
36 KB 693ms
170ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/073a29d5-8362-43ec-99db-4e3f1dbdfcfb.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f138d62a5d56b269b25d58da8041bd70b9765cdd99e9c2bbb6f705b2e7790f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Tue, 06 Nov 2018 02:30:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 84JTfhWHhcsCmgXfxpOFMA==
ETag: 0x8D6438FDAA95A59
Content-Type: application/octet-stream
x-ms-request-id: 6c45786e-a01e-0022-18d9-e8f8ae000000
x-ms-version: 2009-09-19
Content-Length: 36192

GET
H/1.1 200
OK d184b3a3-2a3e-49fd-af9d-6db083e5f410.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 65 KB
65 KB 693ms
170ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d184b3a3-2a3e-49fd-af9d-6db083e5f410.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4156f57c3080b420ebef3ed8d5919f91359e998ee9a1aeadce9aa5f3f53a5d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Sun, 22 Mar 2015 07:11:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ymM9dXB/2ls4uWGdleukDw==
ETag: 0x8D232869C670564
Content-Type: image/png
x-ms-request-id: d1a4b3b7-a01e-000d-3fd9-e8f565000000
x-ms-version: 2009-09-19
Content-Length: 66309

GET
H/1.1 200
OK 1efa76c5-14c5-401b-95ee-47289b0c66b6.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 26 KB
27 KB 694ms
170ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1efa76c5-14c5-401b-95ee-47289b0c66b6.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa07d80aec8be3bb2ab5e5872b20e5cb3d480c890e05546c57d2d48042977d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Tue, 09 Dec 2014 04:15:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: atyYYxf/sQyR2QVl65rvUg==
ETag: 0x8D1E17DEC7DC56F
Content-Type: image/png
x-ms-request-id: a20764df-401e-0005-34d9-e8ef6a000000
x-ms-version: 2009-09-19
Content-Length: 27011

GET
H/1.1 200
OK ef6bb37e-4ae8-4cf5-a1c6-0c22f722a472.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 708ms
174ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ef6bb37e-4ae8-4cf5-a1c6-0c22f722a472.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c31a7b0990af81a279b26ca80b9c39f73e1ade39f7fd9117950b1d558e52e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Fri, 03 Apr 2015 05:38:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rtZXUYNiaxrCEFeBW1DXWw==
ETag: 0x8D23BE79DFFD983
Content-Type: image/png
x-ms-request-id: fd17f8a2-301e-0042-7ed9-e88431000000
x-ms-version: 2009-09-19
Content-Length: 31188

GET
H/1.1 200
OK 03a52b11-7bc8-4e56-8e11-db9f8b53297a.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 19 KB
19 KB 171ms
171ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/03a52b11-7bc8-4e56-8e11-db9f8b53297a.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c2c16cae7de7a79ac3a5404b76dabb5ba25708562ce7767a6113f08d17c70f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Tue, 23 Oct 2018 05:43:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EJR7a59P0jco4ERkSEgdEw==
ETag: 0x8D638AA79B3BF4A
Content-Type: application/octet-stream
x-ms-request-id: 6c457905-a01e-0022-1bd9-e8f8ae000000
x-ms-version: 2009-09-19
Content-Length: 19350

GET
H/1.1 200
OK bY236gUZxkmixor8zhKIug.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 170ms
170ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bY236gUZxkmixor8zhKIug.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0adda642d06c3b2804a96604c9edef761749138422b773baddb31afbe7ce4d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Tue, 11 Oct 2022 19:05:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: kpESG9ebQVObO2u0Y7MUmw==
ETag: 0x8DAABBB95B3E256
Content-Type: application/octet-stream
x-ms-request-id: a2076573-401e-0005-42d9-e8ef6a000000
x-ms-version: 2009-09-19
Content-Length: 31089

GET
H/1.1 200
OK 1Yja2ooc4UOhjTq7uHSEJw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 50 KB
51 KB 173ms
173ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1Yja2ooc4UOhjTq7uHSEJw.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 48918968dd9a4892fb71a9f6fd0d25826f727dd379406cf755174e30cd13d81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Sun, 23 Oct 2022 14:34:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 88U7r0K6ACnM72rQGiax3g==
ETag: 0x8DAB503C0E94A08
Content-Type: application/octet-stream
x-ms-request-id: fd17f9b9-301e-0042-62d9-e88431000000
x-ms-version: 2009-09-19
Content-Length: 51568

GET
H/1.1 200
OK NA8dTSpbhEOJ1JkszAKXnw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 44 KB
45 KB 170ms
170ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/NA8dTSpbhEOJ1JkszAKXnw.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d860e91242b6b2dbc46a04b545ddbcc4a53a01d7343dcb9d011bf8853a441a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Thu, 22 Sep 2022 07:21:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uJsFjNZRq5/pUE4wNsKSfw==
ETag: 0x8DA9C6B12B39EC1
Content-Type: application/octet-stream
x-ms-request-id: d1a4b480-a01e-000d-75d9-e8f565000000
x-ms-version: 2009-09-19
Content-Length: 45522

GET
H/1.1 200
OK ih1GJz8UgUi0jufwdOZG8g.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 171ms
171ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ih1GJz8UgUi0jufwdOZG8g.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 195ed5974f767542dd0cf8aa95bd476000c8a9d93134084f9f36006f5691fde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:18 GMT
Last-Modified: Sat, 18 Jun 2022 15:19:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: mieyrJe51qqCsbXqDLCsDA==
ETag: 0x8DA513E01ABADA1
Content-Type: application/octet-stream
x-ms-request-id: a20765b9-401e-0005-04d9-e8ef6a000000
x-ms-version: 2009-09-19
Content-Length: 31184

GET
H/1.1 200
OK wYd4pZ24ckiuTH1H7sS7_g.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 122 KB
122 KB 172ms
172ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/wYd4pZ24ckiuTH1H7sS7_g.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdbfc79eb2d21f053b4ddf353cc46aecb68a876785c2cc63326bd204e9f6c982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Thu, 22 Sep 2022 07:21:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: raOKVWyqJDiNcoJmQg/Hzg==
ETag: 0x8DA9C6B14B4C92C
Content-Type: application/octet-stream
x-ms-request-id: 6c45795b-a01e-0022-6ad9-e8f8ae000000
x-ms-version: 2009-09-19
Content-Length: 124652

GET
H/1.1 200
OK 2pnBOQJvBEe2oB55pRCyRA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 40 KB
41 KB 174ms
174ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2pnBOQJvBEe2oB55pRCyRA.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 199e5795b09dda994fd37e7c1c711a4385628fceb25dfbaebc19d0d587e80040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Wed, 20 Apr 2022 09:16:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: XhZAjb7ZUf6bKcguKdbK7Q==
ETag: 0x8DA22AE730EED66
Content-Type: application/octet-stream
x-ms-request-id: fd17fa46-301e-0042-57d9-e88431000000
x-ms-version: 2009-09-19
Content-Length: 41447

GET
H/1.1 200
OK 7567e009-f61f-4e1c-8c34-242486fea66f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 41 KB
41 KB 168ms
167ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7567e009-f61f-4e1c-8c34-242486fea66f.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98818d35d4c98fa17afc5b59d080fefa902ea8c8ca10601591eca13b65f6c2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Thu, 06 Sep 2018 10:40:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: To0fuhJLweIrSpXMhl/zoQ==
ETag: 0x8D613E52A15A6F8
Content-Type: image/png
x-ms-request-id: eb4e2cd1-101e-007a-66d9-e820f1000000
x-ms-version: 2009-09-19
Content-Length: 41756

GET
H/1.1 200
OK a3723c61-266e-4cf4-9883-4fa777a6455d.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 32 KB
32 KB 172ms
172ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a3723c61-266e-4cf4-9883-4fa777a6455d.medium.PNG
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6a644bae263fe0b6f0db2237db0dd4341f43b107e3ea4b99d1f0b1f615267cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:23:19 GMT
Last-Modified: Sat, 01 Dec 2018 06:53:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZdupdJtvRt7oZncVZtHUYQ==
ETag: 0x8D65759BA579F00
Content-Type: image/png
x-ms-request-id: d1a4b4cd-a01e-000d-36d9-e8f565000000
x-ms-version: 2009-09-19
Content-Length: 32468

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1499452031&t=pageview&_s=2&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dp=%2Fwidget%2Fwpgx%2F9921%2FUpcoming%20Events%2F2a3128a5934a6114a6117a%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WPGX-Fox28%20-%20WPGX%20-%20Fox28&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHAgAgBCAAAAEAEIAB~&jid=&gjid=&cid=2143928551.1666747398&tid=UA-36655742-6&sf=5&_gid=457417177.1666747398&z=176116661

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 20:30:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 58ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 58ms
25ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 427ms
427ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911656432363251&correlator=493897124723490&eid=31070529%2C31061166%2C31069101&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cnat-external%2Ceviesays%2Cfrankly%2Cwpgx&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=7&adks=589688313&sfv=1-0-38&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666747398551&lmt=1666747398&dlt=1666747396770&idt=1401&adxs=1190&adys=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=2143928551.1666747398&ga_sid=1666747398&ga_hid=1499452031&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a09418608b20fe6cdb6170bcacef77b5f2ad242193ad2a0f88a6294d7a421416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12549
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BFD3 0
0 54ms
53ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2XEz3RpdJBsN9C7tuIZgRPKxn_N8lr1Q9F_xfr35TJJNVLO6qn5d1iKC9MMUskBeVu9JS0cJdVkPc4TNiDslk2TIfiG0pp70SYBoFNlFMaKQNLCheVAP3wFJddkTGG15sxFgVbdIcUgxAVszJhW_6aw14XGhJ1nkA_5di7ZuzypB_tfPkgF_AeRAYYxTBDOD0XvE3dkmFCJjX9pQzea2Rq_QsuJeJIzb7iQ61z1NWj1s5HCb-zaUo4qZqd5Hr9Xm5Q5Sfwt_ckW2COF6bMqKZ2DJIear7uxhOw4BK9yzYJTF36q_j9Ipw9LSd_ZaX3VX6HYylVjLxuJd2nwvbgDKlO_tQT8htsiMLc9V2KCXN2VPE&sai=AMfl-YQJCJRK-8nR6JgByWwMSuAfgWawCzBFqIKGDm5V6qKQ6Dxdaofyzz8JftZ2bEeaakIVMCkP7LRLoeIVsY4ZTITbPFmuvPuOi3kYF7XvVFIPAp4ouyaaU0xz8n6tsd9HCI0wNg&sig=Cg0ArKJSzDD3A7Mw3an1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:23:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame BFD3 3 KB
2 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFD3 152 KB
46 KB 58ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:23:18 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame BFD3 8 KB
4 KB 134ms
33ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723574&splc=/43459271/loc-desktop/wpgx/web/homepage&adu=21957163323&unit=728x90&btreg=6084843041138400723574&btadsrv=6084843041138400723574&ctx=19955922&cmp=DV451308
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:23:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 14:24:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80e87b37ebe6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H2 200 9180216086468094454
tpc.googlesyndication.com/simgad/ Frame BFD3 296 KB
297 KB 57ms
17ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9180216086468094454

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f84075094722379c5166b269b0cb0663503923b9433c944d31958a92caa1c48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 08:26:54 GMT
x-content-type-options: nosniff
age: 406584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 303601
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 13:44:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 08:26:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BFD3 0
0 65ms
25ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwmw1qLbTQFK6cCWeTF4UYkm9lr4dNa3qOHV9kPtEJaIB4RxHnVzzC0yMRPObhIl7M6jTvcmX6f9NmUO69XhaI-7J9SQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 47ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 109974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:24 GMT

GET
DATA 200
OK truncated
/ Frame BFD3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e37308e233d2d529d59945342bccbb9b24d55b3120179386933871d25e1867c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BFD3 0
0 86ms
52ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh0BeHGC_9vhCN0vzguEaRK0HSAHb8ue6rYX7JCrUBcfexVMC9ISbm7ohtdA1rvK0hfwht0o5ABkqDD9EUPi87-R-Ec-fUX9Yur8jEZ1wmYR0mqQ_1psxev62jotwhwFQsUo1cLuwOA31fifB22OEsd43omcb2QLv5-83Bq-Sm36uokOEugz0p7N_pacO5-cVVqLlgiPj0ngoL6IFfZc8KN8CDoW7p8smKMdMWmQ4DHD-gHGFpJmuDyj_U1FeMTL3bNIfLPk3jm2UtGYCIgs_Q37bu1PXvhoDxP1QOpdJ9XijW2k_nzmB7ABzP0kuq4TNPo0BiR8Ni9ciU_iN1zWY55gB9Aov_&sai=AMfl-YTOBKa2eObW7LKrTAstoLECFMGgQnHaSF2hcLLymvzKeK3tQFjXUf0eOs9BPOpKnARD7lF8RtrnVKweJz_wRv-hE-mSxz6EE1WQDELAcNt0vtSyVPc8Z6MgK-DrCzeClulADw&sig=Cg0ArKJSzJgOXMSAH4QPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:23:18 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame DD19 545 KB
105 KB 18ms
17ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:23:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame DD19 694 B
698 B 101ms
23ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=61&ttfrms=29&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3ETar9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=10&ddur=136&uid=1666747398810958&jsCallback=dvCallback_1666747398810231&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wpgxfox28.com%2F&fwc=0&fcl=477&flt=34&fec=1124&fcifrms=2&brh=2&sdf=2&dvp_epl=154&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138400723574&btadsrv=6084843041138400723574&adsrv=104&unit=728x90&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723574&splc=/43459271/loc-desktop/wpgx/web/homepage&adu=21957163323&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=13897769.80635996&dvp_tukv=393307474.49558926&dvp_uuid=2632960.314261191&dvp_tuid=578506527899
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 06ee0f24a081353d90d81d02e624429bc370fbfe5a5c94f910dfd41ab9877586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:23:18 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/25/2022 01:23:18

GET
H3 200 container.html Show response
bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2160 6 KB
3 KB 48ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:23:18 GMT
expires: Thu, 26 Oct 2023 01:23:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 26D8 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CytRSBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSJAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4wpKAF8VFjap5qV-Vd2G0swjKcR6mThehPe05TslFsXGeE2ouuDVLgBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTYwNDIzNzM5NTEyMzc1MDIYr_oW&sigh=rcWcQ2AI4W0&uach_m=[UACH]&cid=CAQSPADq26N9J9FS6bt75Xcx1eFby6kXEUHMzIQZUlEDwU57gLIiyAUPjkV6thkz8HKh5ZW7G01zDRjTmtQkrBgBIBM
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 26D8 0
0 70ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jnqprd653a32nsv3nsztpyxmwght59s2z55wngf5rdcsyj7h8svf8h57m6cxrqar9hjp5myfe1ghbkj21ab5r11egb3can95rxe0qf4n6jyptynsybt1958arrfcrczssnkm68rf9yefqxj8yea6x6zxeb0fevear3jchsf30wxdm8z9vcn2dxemqp0y479kwxxgxb5w42aegxt70rkw7m4967e21n2ne9284rm1c8ncfz946rqg6qgr3v41zg8fgcgyqgf7n1k1ae5wxpxyqvh3zey48fjtnxbrv05x7a2hhfrgtp6h6gggnn1t3fy2e4wjgm3wk1ew0v2768xshjy2vwk26m2etss3f4t88t5r3yf0gxekkb1am8pb0g6bdgtt3r0xedyxtfn8js5ydpg1fdmwks8&b=Y1iMBgAJOUoK5UhxAAQit8tcjP_v2bV5Xb4orA
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Oct 2022 01:23:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 5BD3 2 KB
3 KB 75ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h1m6ezzd0by2sqj4s1aw5f9vg2d2xqgn3b3ykxtnk74kptvkaywcc2ex57wmgmgbg46091g9jfw6c0mm4ctwqtphzs5rf3ky7zdpgptjtdtbfd2054zed8zvs13nz7aabq27gppd7wzyqf950edfbkwmkxfft99cysm2882sf1rz2ghs6y0vers06164xsy13h6ecrebm4x45d4fn6wpm0hf7wdgfe3hqeb3v0571zah1e7sgnf75bstjfgrhxkv1htn2teah6n7hxrk82nq3xqvjve7z3yz2jqx090v6wcaw1tzzxcbwdpc2sh3sh7fg042pdfgdpavp4ydmkdvb70jwf95yngvbgc665ctnk2jfx6myqf3bjkhz0rm6jvx4x2tc9xvvvsbfhtxeyxhzfsm76ef5ya2xzvshcy8xqe3s2m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%26client%3Dca-pub-6042373951237502%26adurl%3D

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30fc82b579909a8fc54d3b9656b5f109e3c75764823980d04781d1e9329befa1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75ff62cc7d269118-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:23:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 26D8 3 KB
1 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 220A 1 KB
1 KB 84ms
15ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 11:22:46 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 11:22:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 26D8 17 KB
7 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 26D8 0
0 63ms
26ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBTGF97SPizckBg6lyxzKM-bZkLbw_Eermz4pQySF0h-Dob31AnOsS6WpmGLPFrtJASMlWZzHM4T1xHE8ANQtl2WjEAA
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 26D8 22 KB
7 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26D8 152 KB
46 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:23:19 GMT

GET
DATA 200
OK truncated
/ Frame 26D8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634230ba15e7926e313af452f7001f9f91680f68a28a16851192ea4888c8bf86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 5BD3 89 KB
11 KB 45ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h1m6ezzd0by2sqj4s1aw5f9vg2d2xqgn3b3ykxtnk74kptvkaywcc2ex57wmgmgbg46091g9jfw6c0mm4ctwqtphzs5rf3ky7zdpgptjtdtbfd2054zed8zvs13nz7aabq27gppd7wzyqf950edfbkwmkxfft99cysm2882sf1rz2ghs6y0vers06164xsy13h6ecrebm4x45d4fn6wpm0hf7wdgfe3hqeb3v0571zah1e7sgnf75bstjfgrhxkv1htn2teah6n7hxrk82nq3xqvjve7z3yz2jqx090v6wcaw1tzzxcbwdpc2sh3sh7fg042pdfgdpavp4ydmkdvb70jwf95yngvbgc665ctnk2jfx6myqf3bjkhz0rm6jvx4x2tc9xvvvsbfhtxeyxhzfsm76ef5ya2xzvshcy8xqe3s2m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%26client%3Dca-pub-6042373951237502%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h1m6ezzd0by2sqj4s1aw5f9vg2d2xqgn3b3ykxtnk74kptvkaywcc2ex57wmgmgbg46091g9jfw6c0mm4ctwqtphzs5rf3ky7zdpgptjtdtbfd2054zed8zvs13nz7aabq27gppd7wzyqf950edfbkwmkxfft99cysm2882sf1rz2ghs6y0vers06164xsy13h6ecrebm4x45d4fn6wpm0hf7wdgfe3hqeb3v0571zah1e7sgnf75bstjfgrhxkv1htn2teah6n7hxrk82nq3xqvjve7z3yz2jqx090v6wcaw1tzzxcbwdpc2sh3sh7fg042pdfgdpavp4ydmkdvb70jwf95yngvbgc665ctnk2jfx6myqf3bjkhz0rm6jvx4x2tc9xvvvsbfhtxeyxhzfsm76ef5ya2xzvshcy8xqe3s2m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%26client%3Dca-pub-6042373951237502%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 569290
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 11:15:09 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75ff62ccfb489018-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5BD3 36 KB
12 KB 34ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h1m6ezzd0by2sqj4s1aw5f9vg2d2xqgn3b3ykxtnk74kptvkaywcc2ex57wmgmgbg46091g9jfw6c0mm4ctwqtphzs5rf3ky7zdpgptjtdtbfd2054zed8zvs13nz7aabq27gppd7wzyqf950edfbkwmkxfft99cysm2882sf1rz2ghs6y0vers06164xsy13h6ecrebm4x45d4fn6wpm0hf7wdgfe3hqeb3v0571zah1e7sgnf75bstjfgrhxkv1htn2teah6n7hxrk82nq3xqvjve7z3yz2jqx090v6wcaw1tzzxcbwdpc2sh3sh7fg042pdfgdpavp4ydmkdvb70jwf95yngvbgc665ctnk2jfx6myqf3bjkhz0rm6jvx4x2tc9xvvvsbfhtxeyxhzfsm76ef5ya2xzvshcy8xqe3s2m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%26client%3Dca-pub-6042373951237502%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tpbYEsU46BKTsa0p%2FZpOyAAOtR9ecOHm1QY8yMRkwYu80C4qwvxSCSMWz5K8fP89lIy0emXg4ZCuKVD%2BczsrrQBkNsRs10DnPhxfZCkVONQEUs7E9wjf2PtO9BPwQs%2BbwfuUxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 75ff62cced8b9118-FRA
expires: Tue, 18 Oct 2022 10:40:08 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 220A 0
104 B 122ms
40ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECfjxDC87zMzfh7E6PnNe6c&google_cver=1&google_push=AZmPxg9G_tImd0bmgUk22Ly0W8xtijYWxJIg6ZT6KpvPIXOg4FN6XFYRFNmMbTlG4IxjE8Wljv1w5Soi0ooWrjVKHLGZPYxMDM-khA
Requested by: Host: bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
URL: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 220A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDycYJB6qiDqjp1sbq25G_s&google_cver=1&google_push=AZmPxg8EXrFopyjOrjKiU2hLzz5rsdZ6amHMdzL8G9o0i3JE0xIrs6yR6es5gnhWFXjZqmJ03ij3ZGYgVUSW_9pRCUlBxUJ3jrPNqw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB0BA8D7FB76403EAC33ADE24B1C808A&google_push=AZmPxg8EXrFopyjOrjKiU2hLzz5rsdZ6amHMdzL8G9o0i3JE0xIrs6yR6es5gnhWFXjZqmJ03ij3ZGYgVUSW_9p...

170 B
232 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB0BA8D7FB76403EAC33ADE24B1C808A&google_push=AZmPxg8EXrFopyjOrjKiU2hLzz5rsdZ6amHMdzL8G9o0i3JE0xIrs6yR6es5gnhWFXjZqmJ03ij3ZGYgVUSW_9pRCUlBxUJ3jrPNqw

Requested by

Host: bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
URL: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 01:23:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB0BA8D7FB76403EAC33ADE24B1C808A&google_push=AZmPxg8EXrFopyjOrjKiU2hLzz5rsdZ6amHMdzL8G9o0i3JE0xIrs6yR6es5gnhWFXjZqmJ03ij3ZGYgVUSW_9pRCUlBxUJ3jrPNqw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 25 Oct 2022 01:23:19 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 220A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFG7_FYvOuBO2blP_Thu2cs&google_cver=1&google_push=AZmPxg9mOV3UXuIpnZgJa9u84WQ3w1Je_FKM_pflG_U-V6nD0Pnya1gBUwer3EtoJCV_3_RGzgC015EpbcTvv_...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1ODYyNTU2OTQwMjI1NTUwMw%3D%3D&google_push=AZmPxg9mOV3UXuIpnZgJa9u84WQ3w1Je_FKM_pflG_U-V6nD0Pnya1gBUwer3EtoJCV_3_RGzgC015EpbcTvv_7KPS...

170 B
329 B

30ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1ODYyNTU2OTQwMjI1NTUwMw%3D%3D&google_push=AZmPxg9mOV3UXuIpnZgJa9u84WQ3w1Je_FKM_pflG_U-V6nD0Pnya1gBUwer3EtoJCV_3_RGzgC015EpbcTvv_7KPSfFr5lNqJNi1g

Requested by

Host: bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
URL: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1ODYyNTU2OTQwMjI1NTUwMw%3D%3D&google_push=AZmPxg9mOV3UXuIpnZgJa9u84WQ3w1Je_FKM_pflG_U-V6nD0Pnya1gBUwer3EtoJCV_3_RGzgC015EpbcTvv_7KPSfFr5lNqJNi1g
Date: Wed, 26 Oct 2022 01:23:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 220A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBlGPBnFbPPUkX0oJIlWe_g&google_cver=1&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBlGPBnFbPPUkX0oJIlWe_g&google_cver=1&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k3...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355DiERzgQ

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355DiERzgQ

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8DVnD0_DoAoLKAUUUCde9L_OP7gM7gBsDYV63ZRIZWBvsu_mvY9QVocWLzlTi5UtfrXd7Sse0SZ5xwXSoOLe1k355DiERzgQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 220A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_hm=Y1iMByMrMWt_dztc19ePhgAABH8AAAIB&google_nid=index&google_push=AZmPxg-AmXZaDb6Cp0R75Gyki1DAgf2Qt8AFB...

170 B
188 B

62ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_hm=Y1iMByMrMWt_dztc19ePhgAABH8AAAIB&google_nid=index&google_push=AZmPxg-AmXZaDb6Cp0R75Gyki1DAgf2Qt8AFBAKtLcMJjrToOBwI57YXaw729o4SQ5SH9FyjlkKc3qduIakkIBn0x_xXSAHDnhXq

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKcyCmZQ6zoTC488BV7ABVw&google_hm=Y1iMByMrMWt_dztc19ePhgAABH8AAAIB&google_nid=index&google_push=AZmPxg-AmXZaDb6Cp0R75Gyki1DAgf2Qt8AFBAKtLcMJjrToOBwI57YXaw729o4SQ5SH9FyjlkKc3qduIakkIBn0x_xXSAHDnhXq
cache-control: no-cache
cf-ray: 75ff62cd7d5c6957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 220A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEM3KrQRShr9oQ9qnOmDMkmY&google_cver=1&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8ouq63sk...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM3KrQRShr9oQ9qnOmDMkmY&google_cver=1&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8o...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5ovp9BmzQuacE_M4FqpsUQ&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5ovp9BmzQuacE_M4FqpsUQ&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8ouq63sk-AzqQDqA

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5ovp9BmzQuacE_M4FqpsUQ&google_push=AZmPxg9m8nENMpfjKnh9NE-zn-9-RfS5BUhLT8YGlJ5_HfZ3R2qRBuB7Z4UAT0yUi3GVhRHuKMmg5X44zveEoz8ouq63sk-AzqQDqA
access-control-allow-origin: *
date: Wed, 26 Oct 2022 01:23:19 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 220A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPjqRt9-mtqMOc5ID3V4BNI&google_cver=1&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLf...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLfe...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzUyMzA2Njg2Mzk4NTY3OTMyNTc3&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cH...

170 B
232 B

29ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzUyMzA2Njg2Mzk4NTY3OTMyNTc3&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLfeliw

Requested by

Host: bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
URL: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzUyMzA2Njg2Mzk4NTY3OTMyNTc3&google_push=AZmPxg98-20ziyFBXBsAavYhl-lBgCSyBc-2I-sHHQe-2Iw071EwfwykdIN7Z8cHmCUYhoNNWH8IA4bXPj3yZgbt-hpQWIBWLfeliw
date: Wed, 26 Oct 2022 01:23:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 220A 0
232 B 83ms
26ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3TmLO_WurBgShWg27ctdOu-aHtMe_ZbTZpY61Vve4EHFgRJI4rzwJNipqMChpIFMG5NpP

Requested by

Host: bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
URL: https://bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5BD3 3 KB
4 KB 70ms
25ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23651681
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBwacCzoVwbhAjCuKoJeQs7vPxYcA6hGSJfcLGGxnL94tShq4DgH89fwuhtOxOfwNJ8CEGH0GHddwrz7NGbC6TYp7mzjaC3pRSk1L0l1PwuUUXbFEmQzYN04C5E%2FEQkTp0koqjCLxa7y8DWbgw25LDH6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 75ff62cd7bf09a3b-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B04E 2 KB
1 KB 27ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2611087
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 75ff62cd3b7b9018-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 01:23:19 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oca3L9zHgG8DMeT6MuLE9oaYHy1loA5yASOsOZBSuZQ7Xn1fUn1RoYPv5H0GGETt1V9Fd4tMfdYJww2rvr2HwX78RnOyQ3qkOVRQIC0O%2BXmyxCRYRPsQsURqto4iJdSz5suQhSg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 5BD3 1 KB
2 KB 40ms
40ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074f252c7cf4938524a93bf2887302eb642298f65da05b46e8bffc6164fdf1da

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9f%2BK56ttqo433Y7BvBZk%2FWiwf2%2BvW6145G%2BkaLsPg2rCy0rZf0XYbjS1Muojm4hwYtnw4j8XOtlF9CmaKa4atPDCAcXVKLxtVp793CJQmdOw8mA5PbLfqukrRzSwTfD8ZcFERg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 75ff62cdd9489c12-FRA
x-backend-server: aa-reachservice-group-europe-west1-7z45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 57ms
37ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75ff62cd99149c12-FRA
content-length: 24
content-type: text/plain
date: Wed, 26 Oct 2022 01:23:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vImhumtJRUxUl49Ab8PYP79WaMCRP4YsM2OxuRXGuZ7h2wYUUgPDikuQYwiHNenHGrkHZyukc2gyLl4BBP7HWqT%2FTLij3xsc0X4%2FXKnjA5YBZDq1D6WYrfrmdOGNMCl03BE04xo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-7z45

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8490 3 KB
3 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbf81886aa7ceb26a9359bd86e795494fbbcbd1312464d1e32d0cd33e8fb11e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h1m6ezzd0by2sqj4s1aw5f9vg2d2xqgn3b3ykxtnk74kptvkaywcc2ex57wmgmgbg46091g9jfw6c0mm4ctwqtphzs5rf3ky7zdpgptjtdtbfd2054zed8zvs13nz7aabq27gppd7wzyqf950edfbkwmkxfft99cysm2882sf1rz2ghs6y0vers06164xsy13h6ecrebm4x45d4fn6wpm0hf7wdgfe3hqeb3v0571zah1e7sgnf75bstjfgrhxkv1htn2teah6n7hxrk82nq3xqvjve7z3yz2jqx090v6wcaw1tzzxcbwdpc2sh3sh7fg042pdfgdpavp4ydmkdvb70jwf95yngvbgc665ctnk2jfx6myqf3bjkhz0rm6jvx4x2tc9xvvvsbfhtxeyxhzfsm76ef5ya2xzvshcy8xqe3s2m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%26client%3Dca-pub-6042373951237502%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75ff62ce1c129018-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:23:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 8490 89 KB
11 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 569290
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 11:15:09 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75ff62ce5c3c9018-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 8490 8 KB
9 KB 37ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2484749
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06N8jOzWJY0OEqHLJ79d3wtpzz0IaXqiA8jYWFeJdqzdJ8utGEpYCDvxCsjDwVl8wm8%2FGyPKAKoGyUc%2F8AKxrCKqxwks0Irov%2F7lmOASJQBpqB%2FVh%2FOcgIhpbrT9%2Fq7oLhuzUbKT6NkAM62N"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ff62ce6ee49118-FRA
expires: Thu, 27 Oct 2022 01:23:19 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 8490 93 KB
94 KB 34ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98545
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avZ5%2B3boDYkIIiBU6mEErXFjGODiHzsJH3E23FPai%2B99OSpvYsHspM3TUFxTh8Gcy5fglKwAJeP8FqVSGFkGFHTs%2F9dERDw2RoJwFCy6DDKPB6awRC7dzx8b%2BEUdfUmH9MDY3%2FuDcUSed3Tk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75ff62ce6ee39118-FRA
expires: Thu, 27 Oct 2022 01:23:19 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 8490
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIuAtfXd_PoCFUrBuwgdLA8LLw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666747399_c661c070-54cc-11ed-9f2f-2266c0ccb091

0
517 B

99ms
29ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666747399_c661c070-54cc-11ed-9f2f-2266c0ccb091
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA&c=300&d=50&e=&g=776dfcdc8435cc70e63ecd1214a33699%2F85122125910442867&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1666747399349&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpb2hc5hgysysvamx5bnhpvqr487thn95xenq80r3r5gtvtb8gmn8a7ssw59jbmgfsr456ztx8sedpqp5bmq0bqgazc867bt3fw0s41h294nevy035mgj37q0q7jcsfs3zwj8ebj5ec9p43yrwfv56q0p5ds63ktczcybvj7rkx2khe5d0agpjv96gdtk3tvp9g626vf4w4shdcf9e7kdn6yxhzb42hadjpr8vqw7tp33wmv5vtjrxknz7q5s4mz4azdge4p3bdvwngdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCK7YZBoxYY8ryJPGQlQe3xZDgDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDIzNzM5NTEyMzc1MDLIAQmpArXsn5WPt7A-4AIAqAMBqgSMAk_QIp6mga-sl0HNQWpV_Tn6F9-1HKmrXsxotkC1GknFPdRDpFukDuye-t5rtdbFeZg2RSygQBzeyb0XV95eRIEuW6MYwXDlzdxUBNef6E7FXBq4c-4PIQ7C871LXWPt1bQED-rQX3oulhZe4SuNp8Ac3LtJP4J-Np7wSZgOd66ZnxAfe8q8JFY5oaX-g2Dz7vLvzd9Wh2q3WQvRmwNblpbnKXcjtl1reRFLeGaRJHS7-I5SqIqekVt8-jmnNTssiOWRWi7b66RjA_yFHK8RKZTT_qjQqPXhS5AazvXGWwkf2n4w5qIkY4aa7d6i0K3LAiS-MAuITQSZq_CS-4waIKn4QkucD1cxTZo0ek_gBAGABqGxzo2O1OXN5AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_m0TalN9sjAKMwxtk19FrBRGshQ%2526client%253Dca-pub-6042373951237502%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:23:19 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 26 Oct 2022 01:23:19 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1666747399_c661c070-54cc-11ed-9f2f-2266c0ccb091
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFD3 42 B
64 B 83ms
50ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscfdntIhYdP8qfettmVqtDcRXvAxpSLoukc_aaJwqaU-Bk1aV4SfXEgC-4rw9Dj7DErb3KfCvrl2zLLhFCB8hDTKaI9PGPbNVB1Hfrpd3ycqDwullk&sig=Cg0ArKJSzPVPG2BAGzAJEAE&id=lidar2&mcvt=1001&p=876,256,966,984&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221024&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3909097108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666747398568&rpt=133&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 38ms
37ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abc28bd921c5d4927efd519f6fcd35993935fc1d80f05a6100e1e2c6da2d1946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11150
x-xss-protection: 0

GET
H2 200 19479410_G.png
wpgx.images.worldnow.com/images/ 66 KB
66 KB 34ms
32ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479410_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1ee10292e6328c4e0a9e64c0eefc31456b216fe58e7bf94ce347a3d35e8db6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 67760
cf-resized: internal=ok/h q=0 n=9 c=45 v=2022.9.6 l=67760
last-modified: Tue, 09 Jun 2020 16:42:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfcosGtvoE6i9NUW2HILfiRA:7abf5cdf363221b3d278ec7ee87b4195"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d05caa-FRA

GET
H2 200 19479412_G.png
wpgx.images.worldnow.com/images/ 144 KB
145 KB 72ms
70ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479412_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb7ee02a42c7e43c2b4bd98eb5a1f03bee61cc33da050507ee2251724670766

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:20 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 147923
cf-resized: internal=ok/h q=0 n=10 c=27 v=2022.9.7 l=147923
last-modified: Tue, 09 Jun 2020 16:42:21 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfdPuZ5iiPsQcELZibU3OTVQ:0d8c7c54f779e2c0c8f4dfdf98327c4d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d25caa-FRA

GET
H2 200 22945412_G.png
wpgx.images.worldnow.com/images/ 91 KB
91 KB 35ms
34ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/22945412_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34c08596a05648761e7c8ce459c1dfdb8e241d6d29a669e9db29335a8354f9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 93338
cf-resized: internal=ok/h q=0 n=19 c=35 v=2022.9.7 l=93338
last-modified: Tue, 05 Jul 2022 13:20:30 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf2AwkU4yZgVgS6-c5thNXfw:39cc48d078e3bed1c9914ca569d88e23"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d35caa-FRA

GET
H2 200 23522128_G.jpg
stacker.images.worldnow.com/images/ 7 KB
7 KB 34ms
33ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522128_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666191121000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0cf7c1797e6534470bccea76daf1e0b8d07fb96cec70a1ccafda988ecef29e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6960
cf-resized: internal=ok/h q=0 n=8 c=6+23 v=2022.10.4 l=6960
last-modified: Wed, 19 Oct 2022 18:52:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfHZBJVJHtRILBWyS2zsQZvQ:2745c2b5ef129d7c49fab03d1711b752"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d45caa-FRA

GET
H2 200 23538528_G.jpg
cntsyncont.images.worldnow.com/images/ 2 KB
3 KB 36ms
35ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538528_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492479000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2422
cf-resized: internal=ok/h q=0 n=4 c=3+8 v=2022.10.4 l=2422
last-modified: Sun, 23 Oct 2022 06:34:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfhuu5o20oBRXMGmz2WAkL-Q:0f70a64a63b9f9177817f1ac952ae41e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d55caa-FRA

GET
H2 200 23477333_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 38ms
37ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477333_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509457000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6885
cf-resized: internal=ok/h q=0 n=21 c=7+18 v=2022.10.4 l=6885
last-modified: Tue, 11 Oct 2022 21:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfsBOyQENXpj7YsNb7nr2T6Q:055cf492e00f3b5a5ef8e21cee83618d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d75caa-FRA

GET
H2 200 23477332_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 37ms
37ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477332_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509455000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ddc763f362ec861248b814820095bc3feb499f5f684251b4a85d4ad3cfeee4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8249
cf-resized: internal=ok/r q=0 n=24 c=8+16 v=2022.10.3 l=8249
last-modified: Tue, 11 Oct 2022 21:30:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfPIpaIQpqnJmjV63_Eofmwg:19e5d2e72dcafcfbd104ce5a860dd191"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d1a9d85caa-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:23:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E256 13 KB
5 KB 24ms
17ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:08:48 GMT
expires: Wed, 25 Oct 2023 21:08:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F87 783 B
536 B 40ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd92496bfcdbca95afbbcab02146e7693cfe5abedd7c5e61190ce43c17975a39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h1vkncQwRxA4T44tCUGrzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-h1vkncQwRxA4T44tCUGrzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:23:20 GMT
expires: Wed, 26 Oct 2022 01:23:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame E256 36 KB
16 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 16:28:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F87 0
0 55ms
51ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102401&jk=2911656432363251&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 22966020_G.png
wpgx.images.worldnow.com/images/ 68 KB
68 KB 42ms
41ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/22966020_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32650a9b093f28dc490abf5176328505a04ee788c754f3a1b9a73d66fcfe8a8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:20 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 69455
cf-resized: internal=ok/h q=0 n=14 c=25 v=2022.9.7 l=69455
last-modified: Fri, 08 Jul 2022 15:50:38 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfG0HvZ5ZIqxyXK5uGSL1asg:ece14f95fdd13fa1b7576bd968937f7f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d28b945caa-FRA

GET
H2 200 23010093_G.png
wpgx.images.worldnow.com/images/ 136 KB
136 KB 43ms
42ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/23010093_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17985959910799acd222feb28e36d3a95e0c147fe60f84357fd1858258f5d9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:20 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 138785
cf-resized: internal=ok/h q=0 n=14 c=28 v=2022.8.4 l=138785
last-modified: Mon, 18 Jul 2022 15:01:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfpwFQXbVrUGiq_aIskkweFA:77b69c44ed8ff649c29adf498775d93e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d28b955caa-FRA

GET
H2 200 23424443_G.png
wpgx.images.worldnow.com/images/ 95 KB
95 KB 30ms
30ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/23424443_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc292134380271405ccac0796b2499577265795b812f138812b66c90d7d843a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:20 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 97198
cf-resized: internal=ok/h q=0 n=21 c=43 v=2022.9.7 l=97198
last-modified: Fri, 30 Sep 2022 13:00:33 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfEssTN45z398XQQlR17EYiQ:1d5df1c886a6690e38d7e5c953ade88c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d28b975caa-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E256 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xIawYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102401&jk=2911656432363251&bg=!enmleT3NAAaaxvStusY7ACkAdvg8Wod-D5D9-YImolFbug2wX5KSpPB4Np6xKCB-4LAlvDjKl3gP1gIAAABXUgAAAAJoAQeZAqyG8fzSTotHUTYw4eSsRD6g3wkpsKDLQRpEy3Q_gvlprTC16vq-FKMm7YwfG0FIWWmQOEFqcAZnsG-9cTI2FWqtwycY7ANgE7lHLU_mx6ZMARJl0RDX-4YOANNaHtP-UC-tz_7QcQqmsCiY104yDJy_0_YZtl4ClCduaaFihYcfhPLH-5M1kjlgtWywnllc1Nl8BuWkyW0gyq8RWzhEFKHZ7e4tVBUnbWdnS7iD6O7gpR4s4FI5zf_O8_dKnlnz9EP3LYbeAdHRB1sQLiH2YhHPJnHvH6YOc6ufx8i1CbYL8ATGz6SROb85bHOs2lAJSrSyRpE76mm0Uic8YDqUEQorGykKOEpZZ0zCr6o4-ozL75VUi0z8Q_dgNN1kN9quCcW1IN7tn7Xer4T2UaV1O80k7u-p8CH-k8tJqfGC2dYUMJMWw_RKyrz5auZxa3uJP_3IsOeukHr2fzU7ujnI1XLP45b3i44AnofcA3xpPrN--Piizmbwh2W-mKBrZLEYefiLiM2Vb8z-NnCCyrC-td_m9urV-KCr06wLkIukxksOTP-6vlwTCy-jKzAcOyxNUBgr6cR2MQbBob1cT_YRgaXgXY8V2lyZ_2of-gqbI1IfDMGxYMO9JEZum5AIRwlg1DSc9VeAeSy004IVwb3NYhLuAVwYY6X9frpLiGIZ4JoTWT5Ou26zNTkW7PpmXiHhQwA1r9k0jU9EGb-Ep4-rw3Epik02nxrIRIIYLtxDcLhnJBy_P9slzIt3ImqssJwSFXpv9y4X9zsqA5hTw8y_RrhCEF1N2f1ZrciaRSEOPcgMbF-1qwOQBZdX9t2N8lOIt0ZOPGedb9x2hJtOpiRPPAHTczifMBUYuTNnvgrUBpLeo-muGLwHQGbhBl8iPpxojK-8j0Dd-ZsshFk_7Pk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 852 B
614 B 149ms
149ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32320

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ef29e5fb3704a23100a152e1f002fe74adc5836a96ede767271684a38aa034e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 462
x-xss-protection: 1; mode=block
x-response-time: 1460ms
server: cloudflare
etag: W/"354-jRKgAuIuHYZPmYKPBKlBgSWqXPU"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff62d9ee939bfb-FRA
expires: Wed, 26 Oct 2022 01:26:21 GMT

GET
H2 200 29_partlycloudy_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
2 KB 27ms
27ms Image
image/png 2606:4700:4400::6812:271c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/29_partlycloudy_night.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:271c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b83e17e6448f888d6fa1c118494b0d85b60e7072f64a340c46a2bb4d9ca8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:21 GMT
cf-cache-status: HIT
x-amz-request-id: GW8Y71V03S9RBBJZ
age: 4
content-length: 1965
x-amz-id-2: 9VlWhvmj6lmFAqGVXtJnWhN8RqpfsVOrqCsQcJYPlrDA2bNXrmyatBNbZX7CCPW39dORM0L7T7g=
last-modified: Tue, 03 Mar 2020 16:10:24 GMT
server: cloudflare
etag: "60f42bc1d3ce24349624b79db059a7e3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff62d9e8fe68fb-FRA
expires: Wed, 26 Oct 2022 05:23:21 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame DD19 0
229 B 50ms
18ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=8cce4badcdec4c5781d7fc8f1404d1e0&gdpr=&gdpr_consent=&vdur=102&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=136&tetms=9&msltms=35&vltms=102&sei=289&vetms=5&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8648&msrcannum=4&ismms=37&isumms=36&nvr=6&isgmmims=37&isgmv4mims=37&elmtp=3&isbxdms=3037&b11=3147&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&lftb=3147&sftb=3147&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=938&isuiabvms=938&isgmpims=36&isgmv4dpims=938&ispmxpms=938&engalms=35&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3135&cbust=1666747401920872
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 26 Oct 2022 01:23:21 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/25/2022 01:23:21

GET
H2 200 19479412_G.png
wpgx.images.worldnow.com/images/ 321 KB
321 KB 33ms
33ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479412_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b73c055fd5a37e9ab84a5dd3f0e2384d04d6a299e156eacca96c7724599af2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:23 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 328440
cf-resized: internal=ok/h q=0 n=67 c=6+206 v=2022.10.4 l=328440
last-modified: Tue, 09 Jun 2020 16:42:21 GMT
cf-bgj: imgq:82,h2pri
server: cloudflare
etag: "cfFwhFQ01DS4BM3kxwHNSVQw:0d8c7c54f779e2c0c8f4dfdf98327c4d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff62e4fd595caa-FRA

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 856 B
616 B 154ms
154ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32536

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155fde42ba9c42a28fa8f094c9f539db9ea6048d70f5a2922061ddd2939cc400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 466
x-xss-protection: 1; mode=block
x-response-time: 1056ms
server: cloudflare
etag: W/"358-RNoaD0BPvnYEu1M7GzlykzDb09k"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff62ecaca79bfb-FRA
expires: Wed, 26 Oct 2022 01:26:24 GMT

Verdicts & Comments Add Verdict or Comment

387 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga_L9W7PFFC9X Value: GS1.1.1666747397.1.0.1666747397.0.0.0
.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga Value: GA1.1.2143928551.1666747398
www.wpgxfox28.com/	1970-01-20 16:35:07	Name: _lang Value: en
.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga_frankly Value: GA1.2.2143928551.1666747398
.wpgxfox28.com/	1970-01-20 07:00:33	Name: _ga_frankly_gid Value: GA1.2.492169997.1666747398
.wpgxfox28.com/	1970-01-20 06:59:07	Name: _dc_gtm_UA-82494642-223 Value: 1
www.wpgxfox28.com/	1970-01-20 16:35:07	Name: _ga Value: GA1.1.2143928551.1666747398
www.wpgxfox28.com/	1970-01-20 07:00:33	Name: _gid Value: GA1.1.457417177.1666747398
www.wpgxfox28.com/	1970-01-20 06:59:07	Name: _gat_csWidget Value: 1
.doubleclick.net/	1970-01-20 16:20:43	Name: IDE Value: AHWqTUkIWQjn5U5FNQh-twyjKhNb46h727AYgdS_PbLKVigl5tk1gFuTZ_48i8seMBY
.doubleclick.net/	1970-01-20 06:59:08	Name: test_cookie Value: CheckForPermission
.3lift.com/	1970-01-20 09:08:43	Name: tluid Value: 752306686398567932577
.adfarm1.adition.com/	1970-01-20 09:08:43	Name: UserID1 Value: 7158625569402255503
.casalemedia.com/	1970-01-20 15:44:43	Name: CMID Value: Y1iMByMrMWt-dztc19ePhgAA
.casalemedia.com/	1970-01-20 09:08:43	Name: CMPS Value: 1151
.casalemedia.com/	1970-01-20 09:08:43	Name: CMPRO Value: 1151
.simpli.fi/	1970-01-20 15:46:09	Name: suid Value: BB0BA8D7FB76403EAC33ADE24B1C808A
.de17a.com/	1970-01-20 15:37:31	Name: guid Value: 1.400867311139963928
.casalemedia.com/	1970-01-20 09:08:43	Name: CMTS Value: 1125
.360yield.com/	1970-01-20 09:08:43	Name: tuuid Value: e68be9f4-19b3-42e6-9c13-f33816aa6c51
.360yield.com/	1970-01-20 09:08:43	Name: tuuid_lu Value: 1666747399
.awin1.com/	1970-01-20 07:09:12	Name: awpv11938 Value: 412871\|1666747399\|c661c070-54cc-11ed-9f2f-2266c0ccb091
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.wpgxfox28.com/	1970-01-20 16:20:43	Name: __gads Value: ID=18848f41a6c36b32-22a05b2b57ce0093:T=1666747398:S=ALNI_MbsJOP-8oJrMSC2tpq-YKAfhA9PTQ
.wpgxfox28.com/	1970-01-20 16:20:43	Name: __gpi Value: UID=00000b7870ae7b84:T=1666747398:RT=1666747398:S=ALNI_MYNJ7obMCvk_QxTeNOmsxf7ShrFpw
.congstar.de/	1970-01-20 07:09:19	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1666747399_c661c070-54cc-11ed-9f2f-2266c0ccb091%22%2C%22sp%22%3A%22awin%22%7D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 25) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wpgx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bcf34e1bdc9cc396c7853c3cd6015765.safeframe.googlesyndication.com
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cntsyncont.images.worldnow.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
ftpcontent.worldnow.com
ftpcontent6.worldnow.com
imasdk.googleapis.com
match.360yield.com
maxcdn.bootstrapcdn.com
ngw-static.franklyinc.com
p.cityspark.com
pagead2.googlesyndication.com
prod-rtb.ad4mat.net
prsubmitpresslifestyle.images.worldnow.com
region1.google-analytics.com
rgcbv.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stacker.images.worldnow.com
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
um.simpli.fi
wpgx.images.worldnow.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wpgxfox28.com
104.18.18.126
13.248.245.213
142.250.186.34
148.251.139.77
172.217.18.6
20.60.81.107
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
213.155.156.183
23.205.253.64
2600:1901:0:76b9::
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:71b
2606:4700:20::ac43:4a81
2606:4700:4400::6812:271c
2606:4700:4400::6812:27f7
2606:4700:4400::6812:2862
2606:4700:4400::ac40:939e
2606:4700:4400::ac40:948a
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c1b::9a
2a02:26f0:1700:16::b856:fbd6
2a02:26f0:6c00::210:ba11
2a02:fa8:8806:20::2040
34.149.12.213
34.249.253.107
35.204.158.49
52.1.85.239
52.160.40.218
85.114.159.118
01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7
065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b
06ee0f24a081353d90d81d02e624429bc370fbfe5a5c94f910dfd41ab9877586
074f252c7cf4938524a93bf2887302eb642298f65da05b46e8bffc6164fdf1da
0adda642d06c3b2804a96604c9edef761749138422b773baddb31afbe7ce4d9d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e37308e233d2d529d59945342bccbb9b24d55b3120179386933871d25e1867c
155fde42ba9c42a28fa8f094c9f539db9ea6048d70f5a2922061ddd2939cc400
16e3c51fd94d2e7a8b03ab2f6cef4ceffe738c0020a19648535ee2bd6479c9da
180f707c73f1687a2da87466d7497c011fceaec6bca87a884eb9077e1b63465f
1858a131216bb91b3cdafb167295cf5b555eb4f2e2cfcffdbdd0ee47f5878b9d
195ed5974f767542dd0cf8aa95bd476000c8a9d93134084f9f36006f5691fde7
199e5795b09dda994fd37e7c1c711a4385628fceb25dfbaebc19d0d587e80040
1dbf81886aa7ceb26a9359bd86e795494fbbcbd1312464d1e32d0cd33e8fb11e
1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb
2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
299cb162a3fb6c1db80bcfff3ccadde34e9e50d2ae13025c1917f62b1ca05e14
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb7ee02a42c7e43c2b4bd98eb5a1f03bee61cc33da050507ee2251724670766
2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71
2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30fc82b579909a8fc54d3b9656b5f109e3c75764823980d04781d1e9329befa1
32650a9b093f28dc490abf5176328505a04ee788c754f3a1b9a73d66fcfe8a8c
340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c
38ddc763f362ec861248b814820095bc3feb499f5f684251b4a85d4ad3cfeee4
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
3d6faad5938d180e05d24318e2556daf0e0dd35273b3e991daaad7265478969a
3ef29e5fb3704a23100a152e1f002fe74adc5836a96ede767271684a38aa034e
4156f57c3080b420ebef3ed8d5919f91359e998ee9a1aeadce9aa5f3f53a5d4b
48918968dd9a4892fb71a9f6fd0d25826f727dd379406cf755174e30cd13d81b
49fb1b41a55d8a54f546502d1990558fdec7d22f4a551c386c9ce1c059c8f6b7
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4c1ee10292e6328c4e0a9e64c0eefc31456b216fe58e7bf94ce347a3d35e8db6
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167
50fe076b4a51c3307b7b88dd25fbdb3e4fc1fb0118f353f9edfe2ea73b33257d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f138d62a5d56b269b25d58da8041bd70b9765cdd99e9c2bbb6f705b2e7790f4
607fb035cd784740222458bcb31a47cdc7a2031cd8029d7c827d34ca92cc45c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52
634230ba15e7926e313af452f7001f9f91680f68a28a16851192ea4888c8bf86
646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a
66a996171ae9eb153040fb9bfaae96ec6f14b16d72d4390d95adbea8c31b4931
6a644bae263fe0b6f0db2237db0dd4341f43b107e3ea4b99d1f0b1f615267cf9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc3f3a80e8e41ab016933c5070ef6e94dadc39d0f41abb1e2c0899f3cd93fab
70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2
734c0ba074ffcf4bd3e7d10f27abf07bd4ed00b8c9d2c245cf1420df1dbfbad7
784cf734171b1a5c9adb298caeeaf3a4f254e6811a9ee3d52489604e4c8e9222
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
7c31a7b0990af81a279b26ca80b9c39f73e1ade39f7fd9117950b1d558e52e2c
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6
7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4
7ff59ff6b3c6226cb21ae31fc508b7e1916f3037f44f485d895b30def5e92b41
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865d512b0631d33b932cc8a563cb738bcddab918ef1d66057bbbab948e7e33fc
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87877c3fdbc67431e502b0db54a04d76b5f8de82a4eaa87f55674a3aa6168a45
880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9269e1d00da11f333cedf8d2a21a22c6475e377ae0bb2f03d99b94a2e1cded2f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
98818d35d4c98fa17afc5b59d080fefa902ea8c8ca10601591eca13b65f6c2d2
9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed
9ddf568f70123e07d50cb4bb2fd5f687c105e6cb814a8914cfbdfd736ab73f12
9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d
a09418608b20fe6cdb6170bcacef77b5f2ad242193ad2a0f88a6294d7a421416
a34c08596a05648761e7c8ce459c1dfdb8e241d6d29a669e9db29335a8354f9c
a4433dfc74edabc0149be97a7ae6f3e5d81c4ac424504c64478296e49bc561e4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e
a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024
aa07d80aec8be3bb2ab5e5872b20e5cb3d480c890e05546c57d2d48042977d8c
aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1
abc28bd921c5d4927efd519f6fcd35993935fc1d80f05a6100e1e2c6da2d1946
ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db
ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bd92496bfcdbca95afbbcab02146e7693cfe5abedd7c5e61190ce43c17975a39
be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222
c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f
c17985959910799acd222feb28e36d3a95e0c147fe60f84357fd1858258f5d9b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c16cae7de7a79ac3a5404b76dabb5ba25708562ce7767a6113f08d17c70f74
c75ed3445dc651b309ab4c0956bcd9fcbc3353d685ce76d9e925fc15dc9fd4de
c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1
cdbfc79eb2d21f053b4ddf353cc46aecb68a876785c2cc63326bd204e9f6c982
cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9
d276300072ba9ba3c91c2af4c51b1035dd957da6f6545a94eaf713b67996b47f
d860e91242b6b2dbc46a04b545ddbcc4a53a01d7343dcb9d011bf8853a441a7f
d99171489f4050fea6a4c2440c9d0337f8ae8b2bedb7116587687621d85d7261
dc292134380271405ccac0796b2499577265795b812f138812b66c90d7d843a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b73c055fd5a37e9ab84a5dd3f0e2384d04d6a299e156eacca96c7724599af2
e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4
ec0cf7c1797e6534470bccea76daf1e0b8d07fb96cec70a1ccafda988ecef29e
ec25e446c06cec80c5406b4e62ddc1173f1b8496397ee986a254e5e5642b15eb
edaeb4ebf21c6cafb34661054ce8a3603eb51fa0b207305c4ae7592f8f98793d
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b83e17e6448f888d6fa1c118494b0d85b60e7072f64a340c46a2bb4d9ca8e6
f84075094722379c5166b269b0cb0663503923b9433c944d31958a92caa1c48d
fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b

www.wpgxfox28.com Open in urlscan Pro 2606:4700:4400::6812:27f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

96 %HTTPS

69 %IPv6

31 Domains

51 Subdomains

37 IPs

8 Countries

6002 kBTransfer

14587 kBSize

26 Cookies

32 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wpgxfox28.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

96 %
HTTPS

69 %
IPv6

31
Domains

51
Subdomains

37
IPs

8
Countries

6002 kB
Transfer

14587 kB
Size

26
Cookies

167 HTTP transactions
3 data transactions