trfnews.i234.me Open in urlscan Pro
184.99.187.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Submission: On March 29 via manual (March 29th 2023, 9:20:02 pm UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 35 domains to perform 174 HTTP transactions. The main IP is 184.99.187.226, located in Fargo, United States and belongs to CENTURYLINK-US-LEGACY-QWEST, US. The main domain is trfnews.i234.me.
TLS certificate: Issued by R3 on February 4th 2023. Valid for: 3 months.

This is the only time trfnews.i234.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	184.99.187.226 184.99.187.226	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	46.101.145.111 46.101.145.111	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	167.71.54.9 167.71.54.9	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
20	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.63.52 52.28.63.52	16509 (AMAZON-02) (AMAZON-02)
1 11	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:eb09:ecfd:dac6:f566	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	2.23.197.36 2.23.197.36	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.40.2.151 23.40.2.151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.56.129.202 52.56.129.202	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
4	13.41.237.201 13.41.237.201	16509 (AMAZON-02) (AMAZON-02)
174	40

42 184.99.187.226 (Fargo, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)
PTR: 184-99-187-226.frgo.qwest.net

trfnews.i234.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.101.145.111 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.54.9 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

analytics.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.63.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-63-52.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:eb09:ecfd:dac6:f566 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.36 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.2.151 (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-2-151.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.129.202 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-129-202.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.41.237.201 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-237-201.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	i234.me trfnews.i234.me	827 KB
24	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 26975 ad4m.at — Cisco Umbrella Rank: 9897 assets.ad4m.at — Cisco Umbrella Rank: 39498	697 KB
24	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 285 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	38 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	222 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	911 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	139 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18634 api.webgains.io — Cisco Umbrella Rank: 52635	63 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	16 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	32 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 115789 static-de.ad4mat.net — Cisco Umbrella Rank: 149981	7 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284 www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	156 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 51648	30 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 34696	4 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 17281	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	460 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1912	573 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	529 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 830	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	98 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	89 KB
2	webpushr.com cdn.webpushr.com — Cisco Umbrella Rank: 28342 bot.webpushr.com Failed analytics.webpushr.com — Cisco Umbrella Rank: 40244	12 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	714 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6349	556 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	104 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	340 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 340	465 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1512	588 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 712	465 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	600 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	53 KB
174	35

	Domain	Requested by
42	trfnews.i234.me	trfnews.i234.me www.youtube.com
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net trfnews.i234.me
11	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
11	www.youtube.com	trfnews.i234.me www.youtube.com
8	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	pagead2.googlesyndication.com	trfnews.i234.me pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	api.webgains.io	analytics.webgains.io
4	jnn-pa.googleapis.com	www.youtube.com
3	www.google.com	www.youtube.com tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com trfnews.i234.me
3	www.googletagmanager.com	trfnews.i234.me www.googletagmanager.com
2	cdn.track.production.webgains.team	as.ad4m.at track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	track.webgains.com	as.ad4m.at
2	www.awin1.com	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	prod-rtb.ad4mat.net	googleads.g.doubleclick.net trfnews.i234.me
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	connect.facebook.net	trfnews.i234.me connect.facebook.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	trfnews.i234.me
1	analytics.webpushr.com	cdn.webpushr.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.webpushr.com	trfnews.i234.me
1	fonts.googleapis.com	trfnews.i234.me
0	bot.webpushr.com Failed	cdn.webpushr.com
174	48

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
pinterest.com

Subject Issuer	Validity	Valid
trfnews.i234.me R3	`2023-02-04` - `2023-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.webpushr.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-05-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 21 frames:

Primary Page: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Frame ID: EA3ED6E76688EE70C389ACFFDC7E5A0B
Requests: 77 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
Frame ID: CDCF16A30FB88443BF978371811CD10D
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230327/r20190131/zrt_lookup.html
Frame ID: 9018D63F88D3592BEC6F91CD699B417C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=208453893&adf=1183505835&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796400&bpp=5&bdt=1682&idt=203&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&correlator=5948567071963&frm=20&pv=2&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gdVFo1WLCM&p=https%3A//trfnews.i234.me&dtd=223
Frame ID: CA02FBB55904BDE9E9A580BDEBE818B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&adk=1812271804&adf=3025194257&lmt=1680124796&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_r&format=0x0&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796405&bpp=3&bdt=1686&idt=226&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255
Frame ID: 91EFB47BA131B1986D5C11ED4F3A57CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=1357195756&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796408&bpp=1&bdt=1690&idt=257&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8R9B56dRW&p=https%3A//trfnews.i234.me&dtd=263
Frame ID: 520BF07478E30576E8777B43B704D429
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279
Frame ID: 007B34D648DDA5652AF81B2CDD27AC76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&slotname=6622280029&adk=2208689566&adf=3262530445&pi=t.ma~as.6622280029&w=300&lmt=1680124796&format=300x250&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796411&bpp=1&bdt=1692&idt=283&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=udQiDyza03&p=https%3A//trfnews.i234.me&dtd=287
Frame ID: 62E3AD2D26A30B6478C5341D9DB4BD2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296
Frame ID: 8FB8B7476CF42F5A15A64352CFDBC776
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6BB14394D38A0B6161B5C462464C3FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2CC1EBD3E1254B69F6BCE0EEE891D67
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=280&adk=825265365&adf=272046723&pi=t.aa~a.1304393016~rp.1&w=696&fwrn=4&fwrnh=100&lmt=1680124796&rafmt=1&to=qs&pwprc=5217193664&format=696x280&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796959&bpp=2&bdt=2241&idt=2&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5FK9okKdbk&p=https%3A//trfnews.i234.me&dtd=11
Frame ID: 8D7EBCDE24246038DDA30EF46E1F0080
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kxhcb8t2n2pwb691hqm8ybdtp0bs9m5e8e4v33y7jfg8wztkq8yh3fhhcc9tf45yehspfmsw9my1c8xdjgnzdyvzn6pexx9wvm64gdwjfj8ch7m4gdpkzstnk6a1295sqmzzgn6k731w6syzrqnhb13k8s9b6w57s9a82jf0rgryza31x1aabtxxa40bg7r9bnfw4vqs1nysk2hy44n2av79en9gm2av30k9s4yv37af94hh2zr388s21f7516pwy9w8e98g9vze6axqfsd1d6cav4wn5tf7ht1wrezhjsnqke96x8f3aq2n31svf2gaaezc2ze683r93hvsxyer0enp2qe5vdjsahwazcbbzrreszwsyx2q3qxvrkaj77ccac6y8atvq6n50bd9gyqh6sapx8nzcp1q21z5yzbb02cxgp84dkdnn0f4k0xbcbtra34jyv3bg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%26client%3Dca-pub-3868038712334580%26adurl%3D
Frame ID: B38A2D0C486D62D1E3BE6F15E225CCF4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F32CBAE9619C4BDFE49264F57A451741
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CEYQUfKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSkAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFOp6vOwzENlcpKn4JO53dhsUmWgMDKfYk7yECLtfX6D4nJzPLPLEyABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=YIQW2nTCRxk&uach_m=[UACH]&cid=CAQSKQDUE5ym3WYwLs7jAihXzz2HqDUabR2wfy4W2j3944smV991xny8DI43GAE
Frame ID: EDDDA7664EB3BF40B921DC9277C1D172
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jw5g02w411ymphx3rvxvrm3p9g5898e698z432qt6n8k4hp55ap8pn89zeg0sn50drtnt7z2twjh6p6mcwjzxj72hgsjvvwx262npdts6zvfyf6dwdjr0nmwz4grnrqtvk0vekrgc86tt6zjnv9nd76dvk9bcawkc8sq9w8b7m47c1s6ye3nz0gyxfe52gxna3vfdq9srzamnj6wqm4y05e3x2nndxy9yd9rpbtp7atjyktgksnej3an09aw33t4r4nnkd7x82sxgmpwywyzvbfwakkhvz9t9kgdpmt8z68p4y1tvta1c6nz7a3reh6wym713ar37kbc6t4ect42tbnygrcdfgw7rfzwxrfed1mmbsyx5x4mrrzx12513377yn1g7jjvnvx68h8x6cc2r5hb78bhk52hdhyr060vc6b3rjdc2ynjvncnxm1qvkkaag4wyzb7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%26client%3Dca-pub-3868038712334580%26adurl%3D
Frame ID: DCECD5D4D95A077AA3648F77071C18B2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FD9773C3A4B1D51B3D617035C7B9D54
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 972554636D9A852B48568B48413E041C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 851EE56CA2D26360989010B947F02571
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Frame ID: CE2F7A5CB8C393E8FA3C979A608EC755
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Frame ID: 904DB0E3C5941AFADAA41A38D5CAC843
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News Healthy relationships for high schoolers A new social media challenge - TRF News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

94 %
HTTPS

60 %
IPv6

35
Domains

48
Subdomains

40
IPs

7
Countries

3421 kB
Transfer

9321 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TRFNEWSs

Search URL Search Domain Scan URL

URL: https://twitter.com/thiefriverfallz

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmzdqAKg-O4C4Ghh7fLTaDw

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=News+++Healthy+relationships+for+high+schoolers+A+new+social+media+challenge&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&via=TRF+News
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/&media=https://trfnews.i234.me/wordpress/wp-content/uploads/2023/03/News-Healthy-relationships-for-high-schoolers-A-new-social-media.jpg?v=1678108954&description=News+++Healthy+relationships+for+high+schoolers+A+new+social+media+challenge
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/ThiefRiverFallz
Title: Follow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 130

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cver=1&google_push=Aer7DvJWtXGyV3G0wdNhvFQQLt-_M8lVPdLpj37U3XD6VipxvBmt1tcEhrAlvxYTJJYUa4iIR2-DhtfUDr9X_j8kOwKCVz7I_tCEtQA6 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cver=1&google_push=Aer7DvJWtXGyV3G0wdNhvFQQLt-_M8lVPdLpj37U3XD6VipxvBmt1tcEhrAlvxYTJJYUa4iIR2-DhtfUDr9X_j8kOwKCVz7I_tCEtQA6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkRDZmx1YU0xUEhEZDM1&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cver=1&google_push=Aer7DvJWtXGyV3G0wdNhvFQQLt-_M8lVPdLpj37U3XD6VipxvBmt1tcEhrAlvxYTJJYUa4iIR2-DhtfUDr9X_j8kOwKCVz7I_tCEtQA6

Request Chain 133

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDYzvoPGig_JZBM1vc36DWU&google_cver=1&google_push=Aer7DvJL0i4wwgde0A7yL9FyUiJGjGvGCj-KZs_OdS8BJEmtfv6ZNV35G85VK408lPZDZ0fR_L88_EJFrtDVhr3LomPYDOjHBGHmx6wD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNjA4MTA1NjMyMzUzMjk0NQ%3D%3D&google_push=Aer7DvJL0i4wwgde0A7yL9FyUiJGjGvGCj-KZs_OdS8BJEmtfv6ZNV35G85VK408lPZDZ0fR_L88_EJFrtDVhr3LomPYDOjHBGHmx6wD

Request Chain 134

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFmo6Vxr9bvWgSes_R09K9E&google_cver=1&google_push=Aer7DvLW-ruqxTC6I-tJvNcHRqE5JtgzgOKWLicUhJp3vf0yqGRUQmYGQQLT_EDkHwhOjUYMRAUaB8kehao_CGiMcksWqmHQ6dPIJo9a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZVNlhBSVktMU0tSFdJRg==&google_push=Aer7DvLW-ruqxTC6I-tJvNcHRqE5JtgzgOKWLicUhJp3vf0yqGRUQmYGQQLT_EDkHwhOjUYMRAUaB8kehao_CGiMcksWqmHQ6dPIJo9a

Request Chain 135

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHqs7ByMURnUsLxjz7K0OvY&google_cver=1&google_push=Aer7DvLNalq1czjdVHt9HpUYmkU__31JJzDfDwab5uGuCoK4TrV3p2icn3WkUsR4Ko6tuiPR15H1SM6rL6o_5F9ale5K742O0sV5kU-J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLNalq1czjdVHt9HpUYmkU__31JJzDfDwab5uGuCoK4TrV3p2icn3WkUsR4Ko6tuiPR15H1SM6rL6o_5F9ale5K742O0sV5kU-J

Request Chain 141

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPKLmEDS-z_eVyCxfu6X7Rw&google_cver=1&google_push=Aer7DvKQ0ZFWCqaf3-Kjf__u5qWEgMDELX_EOmwmPGn7RJqXLd1qF8zFkhXCknnkLVFpHca_I5TX41bcOMrkd_dM-qbI3-m1PG7HQA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvKQ0ZFWCqaf3-Kjf__u5qWEgMDELX_EOmwmPGn7RJqXLd1qF8zFkhXCknnkLVFpHca_I5TX41bcOMrkd_dM-qbI3-m1PG7HQA&google_hm=hmQkq30GaUun5Db0Rg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6424AB7D06694BA7E436F446BLIS

Request Chain 142

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMyb55GgMz0Y-oy4AiJe8yc&google_cver=1&google_push=Aer7DvL-EytGFhyrJY-3gXnT19gGsOzWbygtqxzciuJ3UUYmD9HxpEK_v4Ju500WFh7MY3ZGnb5QvQhibw0GRqDB_rqv47oYZyBny6M HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ysoOFr55T3-GVZIE4cxALg2&google_push=Aer7DvL-EytGFhyrJY-3gXnT19gGsOzWbygtqxzciuJ3UUYmD9HxpEK_v4Ju500WFh7MY3ZGnb5QvQhibw0GRqDB_rqv47oYZyBny6M

Request Chain 143

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEITVbyREdbLVpGnjGkJKDPc&google_cver=1&google_push=Aer7DvKo7HmZUCgBwyEmuz-GRPADS01RmGtNaQWu49VZTW3AjkcUiA3Npch65yL-v38fc_KILd6RwWwBcC1ITcPAsONHF5IFOFZ2Eik HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKo7HmZUCgBwyEmuz-GRPADS01RmGtNaQWu49VZTW3AjkcUiA3Npch65yL-v38fc_KILd6RwWwBcC1ITcPAsONHF5IFOFZ2Eik&google_hm=eS00WnNraWxsRTJwRjZPZmo5UjJULmkuaTVsb1liZV9wdn5B

Request Chain 144

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_cver=1&google_push=Aer7DvIb-lUOT0SPoaNOSiPpKSV0YyuWVaXgc8UThhP8P0PBMoLxuk03P5LRIAtqNAG770vSX1oOuFJAExl1HtEJbALszwUB5iM0KA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_push=Aer7DvIb-lUOT0SPoaNOSiPpKSV0YyuWVaXgc8UThhP8P0PBMoLxuk03P5LRIAtqNAG770vSX1oOuFJAExl1HtEJbALszwUB5iM0KA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_hm=ZCSrfQsMA996bdiNGk29pQAACK8AAAIB&google_nid=index&google_push=Aer7DvIb-lUOT0SPoaNOSiPpKSV0YyuWVaXgc8UThhP8P0PBMoLxuk03P5LRIAtqNAG770vSX1oOuFJAExl1HtEJbALszwUB5iM0KA

Request Chain 145

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOp-YLeIBkp2G8UuKQj6mEE&google_cver=1&google_push=Aer7DvLTzkPhuEdeUcQR7gpx7VXFmQ31d-ZQcZ-406jDvc7GYumVQMyXv52vGM_iEEiid0_oyy8m9x0gVdCSDWaPAoQBVyY6N_JpOW0q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLTzkPhuEdeUcQR7gpx7VXFmQ31d-ZQcZ-406jDvc7GYumVQMyXv52vGM_iEEiid0_oyy8m9x0gVdCSDWaPAoQBVyY6N_JpOW0q HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

174 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/ 214 KB
36 KB 4150ms
3769ms Document
text/html 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 0e457e2007cb6ce944119c43898dd894d210bcf2fbd3afe7e13092da7af51ce5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 35949
content-type: text/html; charset=UTF-8
date: Wed, 29 Mar 2023 21:19:59 GMT
link: <https://trfnews.i234.me/wordpress/wp-json/>; rel="https://api.w.org/", <https://trfnews.i234.me/wordpress/wp-json/wp/v2/posts/40839>; rel="alternate"; type="application/json", <https://trfnews.i234.me/wordpress/?p=40839>; rel=shortlink
server: nginx
vary: Accept-Encoding,User-Agent
x-pingback: https://trfnews.i234.me/wordpress/xmlrpc.php

GET
H2 200 style.min.css
trfnews.i234.me/wordpress/wp-includes/css/dist/block-library/ 79 KB
13 KB 281ms
269ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "13abe-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 13104

GET
H2 200 styles.css
trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 286ms
273ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:28:39 GMT
server: nginx
etag: "aab-5df59ffb9bfc0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 1034

GET
H2 200 dashicons.min.css
trfnews.i234.me/wordpress/wp-includes/css/ 58 KB
36 KB 295ms
283ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/css/dashicons.min.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "e688-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 frontend.min.css
trfnews.i234.me/wordpress/wp-content/plugins/post-views-counter/css/ 215 B
348 B 286ms
274ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.12
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Sun, 05 Feb 2023 23:30:23 GMT
server: nginx
etag: "d7-5f3fc4c6faf1c-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 160

GET
H2 200 wp-automatic.css
trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/css/ 3 KB
901 B 287ms
276ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Sun, 26 Mar 2023 12:34:12 GMT
server: nginx
etag: "a99-5f7ccd7ff555b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 712

GET
H2 200 screen.min.css
trfnews.i234.me/wordpress/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 289ms
278ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.46
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Sat, 18 Mar 2023 00:02:08 GMT
server: nginx
etag: "15f8-5f72167a3c3df-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 1641

GET
H2 200 style.css
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
6 KB 290ms
280ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:14 GMT
server: nginx
etag: "92ec-5f4c2b5cd5c44-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 5958

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 52ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

092804d065eee9d096bea623a228ce7fe27d7791cd9f50f2d3faa63b1c54668a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Mar 2023 21:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 20:53:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Mar 2023 21:19:54 GMT

GET
H2 200 style.css
trfnews.i234.me/wordpress/wp-content/themes/Newspaper/ 149 KB
31 KB 303ms
295ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:12:56 GMT
server: nginx
etag: "2557c-5f4c2b4b55b15-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 31475

GET
H2 200 td_legacy_main.css
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
30 KB 304ms
297ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:10 GMT
server: nginx
etag: "2828e-5f4c2b5910391-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 30473

GET
H2 200 td_standard_pack_main.css
trfnews.i234.me/wordpress/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
85 KB 305ms
298ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9ce2c1ff12ade0672995751ed7cb59b1
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:14:22 GMT
server: nginx
etag: "b2d2a-5f4c2b9d9c378-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes

GET
H2 200 demo_style.css
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/ 4 KB
1 KB 457ms
451ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/demo_style.css?ver=12.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: ffe72da830df829bce216164b9feb9f2a6b2f5273dbcbe64f27d00cab07e598c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:12 GMT
server: nginx
etag: "ec6-5f4c2b5a89e55-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 1118

GET
H2 200 tdb_main.css
trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
7 KB 458ms
452ms Stylesheet
text/css 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:37 GMT
server: nginx
etag: "882f-5f4c2b72e7b92-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 6977

GET
H2 200 jquery.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/jquery/ 87 KB
34 KB 460ms
455ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "15db1-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 34792

GET
H2 200 jquery-migrate.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/jquery/ 11 KB
5 KB 457ms
452ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "2bd8-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4453

GET
H2 200 main-front.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/js/ 1017 B
592 B 455ms
451ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Sun, 26 Mar 2023 12:34:12 GMT
server: nginx
etag: "3f9-5f7ccd8005341-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 393

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
68 KB 52ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NW06L14YXV

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b70798fde2cc3f682d906eb5fa690b150888bfb4eb7257cd1f61faf558f0b1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Mar 2023 21:19:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 18 KB
6 KB 152ms
151ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "4705-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 5516

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129116107-3

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfd52c0202d3aa458abd7018d0da13971b9b27eccbdfd79d1a13ec33176634b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44832
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 21:19:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 112ms
69ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

952ced9b3c00cf94d0426377dc8cd434bdb3784dee2695958bd985983a5dcf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48733
x-xss-protection: 0
server: cafe
etag: 281141137336498514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 21:19:55 GMT

GET
H2 200 regenerator-runtime.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/ 6 KB
3 KB 320ms
312ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "1906-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2551

GET
H2 200 wp-polyfill.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/ 16 KB
7 KB 321ms
312ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "4056-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 6559

GET
H2 200 index.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 319ms
312ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 09:28:39 GMT
server: nginx
etag: "25f8-5df59ffb9bfc0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3532

GET
H2 200 underscore.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 19 KB
8 KB 320ms
313ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "4a84-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 7922

GET
H2 200 js_posts_autoload.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 319ms
313ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:37 GMT
server: nginx
etag: "14e2-5f4c2b72ecd99-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2148

GET
H2 200 tagdiv_theme.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
83 KB 321ms
315ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:13 GMT
server: nginx
etag: "4b207-5f4c2b5c52aae-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 comment-reply.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 3 KB
2 KB 318ms
313ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "ba8-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1383

GET
H2 200 smush-lazy-load.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 318ms
314ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Fri, 10 Mar 2023 01:27:18 GMT
server: nginx
etag: "1ef2-5f681a97c9aab-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3834

GET
H2 200 js_files_for_front.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/ 185 KB
52 KB 319ms
315ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 20:13:37 GMT
server: nginx
etag: "2e345-5f4c2b72ec1e1-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 52533

GET
H2 200 wp-embed.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 1 KB
977 B 318ms
315ms Script
application/javascript 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:53:37 GMT
server: nginx
etag: "592-5df37fb5e2640-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 778

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame CDCF 0
0 Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
H2 404 1.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2022/12/ 119 KB
119 KB 730ms
730ms Image
text/html 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/1.jpg?v=1670241682
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: e9c251d0f2216133d2268e3dad5ccac1339740d4460044c0a2fc5ec8f0681829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 29 Mar 2023 21:20:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: nginx
link: <https://trfnews.i234.me/wordpress/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 390 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13b67107cd25011fb7544b2c9735c199569411e92273a52cd380f39c19bb7259

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 newspaper.woff
trfnews.i234.me/wordpress/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 154ms
152ms Font
font/x-woff 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/style.css?ver=12.3
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
last-modified: Wed, 15 Feb 2023 20:12:55 GMT
server: nginx
etag: "82d0-5f4c2b4b1c525"
vary: User-Agent
content-type: font/x-woff
accept-ranges: bytes
content-length: 33488

GET
H2 200 newspaper-icons.woff
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
6 KB 151ms
150ms Font
font/x-woff 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
last-modified: Wed, 15 Feb 2023 20:13:10 GMT
server: nginx
etag: "1744-5f4c2b59126b9"
vary: User-Agent
content-type: font/x-woff
accept-ranges: bytes
content-length: 5956

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 132136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 132135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 132137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 132136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:39 GMT

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 elements.png
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 150ms
150ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
last-modified: Wed, 15 Feb 2023 20:13:10 GMT
server: nginx
etag: "10fc-5f4c2b593266c"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 4348

GET
H2 404 13.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2022/12/ 119 KB
119 KB 726ms
725ms Image
text/html 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/13.jpg?v=1670241907
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 987eb3b6bcddc8840293b70321b1cff9d39476c0180cccfb20f41692d7d85283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 29 Mar 2023 21:20:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: nginx
link: <https://trfnews.i234.me/wordpress/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
trfnews.i234.me/wordpress/wp-admin/ 39 B
417 B 571ms
571ms XHR
text/html 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

https://trfnews.i234.me/wordpress/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=12.3

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

184-99-187-226.frgo.qwest.net

Software

nginx /

Resource Hash

b7a793103cc02f4757648f3abe5499ee69acc5cabe284adab055da40ff9e3fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://trfnews.i234.me
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 57
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Q19IGkI2WEs Show response
www.youtube.com/embed/ Frame CDCF 72 KB
31 KB 101ms
67ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea47b34c50423f562f48cc0de9b50054362a8d431a81a075f5fa2d333a5e1100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 34120428_1717002915020068_6653868136460189696_n.png
trfnews.i234.me/wordpress/wp-content/uploads/2022/12/ 42 KB
42 KB 150ms
150ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/34120428_1717002915020068_6653868136460189696_n.png
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 07eedabca3ad6616a40e1253b51c2b398db458c0d088217e663880cfdc4c96c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:00 GMT
last-modified: Sat, 03 Dec 2022 23:24:58 GMT
server: nginx
etag: "a6f5-5eef4c3407a17"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 42741

GET
H2 200 app.min.js Show response
cdn.webpushr.com/ 41 KB
12 KB 50ms
6ms Script
application/javascript 46.101.145.111
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webpushr.com/app.min.js
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.101.145.111 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 192381ee07acebed60bd6c0829a3b941004e2f46f10b2000a937668cdd3009ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:55 GMT
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 18:35:13 GMT
server: nginx/1.16.1
etag: W/"642484e1-a221"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
x-gg-cache-status: HIT
cache-control: max-age=86400
expires: Thu, 30 Mar 2023 21:19:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230327/r20190131/ Frame 9018 10 KB
5 KB 48ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230327/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 20:35:58 GMT
etag: 2378337311435320485
expires: Wed, 12 Apr 2023 20:35:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 51ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NW06L14YXV&gtm=45je33r0&_p=1781056626&cid=983628095.1680124796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680124795&sct=1&seg=0&dl=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&dt=News%20Healthy%20relationships%20for%20high%20schoolers%20A%20new%20social%20media%20challenge%20-%20TRF%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NW06L14YXV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trfnews.i234.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129116107-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NW06L14YXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf3f1b48fb05fd6d2361da077bbb1937c0393a44937431c359524bf6baed326a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44822
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 21:19:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129116107-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 20:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4484
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 29 Mar 2023 22:05:11 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
775 B 25ms
25ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99fb208feb8147fd4338def0edbbfd590d7508680ccef92ef4f7ec3419009616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 29 Mar 2023 21:19:55 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/931a8913/ Frame CDCF 400 KB
51 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35cf24d2125ee634ad18070ecc44ec9d73e736b7d3b24f83d0fd274d780b448a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 20:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52114
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 20:03:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/931a8913/www-embed-player.vflset/ Frame CDCF 348 KB
108 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3adeef26fad2c537c7506bf1f293c1d3125c059dd57a660a6c5f5625ad9d69c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110483
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 21:07:52 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/ Frame CDCF 2 MB
613 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe7a6fa7b5793197731b7aef42cc21bd18c19491c2479a164b45d8eb288d399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 627086
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 14:56:12 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/931a8913/fetch-polyfill.vflset/ Frame CDCF 9 KB
3 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 20:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 20:36:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CDCF 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 132137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CDCF 15 KB
15 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 132137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:38 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/931a8913/www-widgetapi.vflset/ 184 KB
62 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d675e4f59769f8bee80ab6fdf0d108324d1d577d6e195c6e121db8a7bb6784f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63091
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 21:12:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
144 B 15ms
14ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1781056626&t=pageview&_s=1&dl=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&ul=en-us&de=UTF-8&dt=News%20Healthy%20relationships%20for%20high%20schoolers%20A%20new%20social%20media%20challenge%20-%20TRF%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=955654780&gjid=464223052&cid=983628095.1680124796&tid=UA-129116107-3&_gid=70446630.1680124796&_r=1&gtm=457e33r0&jsscut=1&z=482037369

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trfnews.i234.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1781056626&t=pageview&_s=2&dl=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&ul=en-us&de=UTF-8&dt=News%20Healthy%20relationships%20for%20high%20schoolers%20A%20new%20social%20media%20challenge%20-%20TRF%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=983628095.1680124796&tid=UA-129116107-3&_gid=70446630.1680124796&gtm=457e33r0&jsscut=1&z=962388155

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CDCF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

22ms
22ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a962e78b49ce53432989233f836159d3342453863692b895db9b17ac4c7f725c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Mar 2023 21:19:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CDCF 29 B
495 B 50ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:05:11 GMT
x-content-type-options: nosniff
age: 884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Mar 2023 21:20:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 71ms
15ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 29 Mar 2023 21:19:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CDCF 67 KB
31 KB 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7f811b4f9d721c111efd871b6cc731ab934b090d0fda2ed3cbc04b3e5476c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31275
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/ Frame CDCF 116 KB
36 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e96ee41cc291ec92aa96991e655bbe3d13e59c027288d38ad550106c9e1f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36522
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 14:56:12 GMT

GET
H2 200 23K_wv65UPCiABIo6r4TLz_7ITKDRTsdN0481kHWjEo.js Show response
www.google.com/js/th/ Frame CDCF 36 KB
15 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/23K_wv65UPCiABIo6r4TLz_7ITKDRTsdN0481kHWjEo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db72bfc2feb950f0a2001228eabe132f3ffb213283453b1d374e3cd641d68c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 12:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14353
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 12:39:02 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/Q19IGkI2WEs/ Frame CDCF 52 KB
53 KB 114ms
76ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Q19IGkI2WEs/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cac34e6b4b21c0ed6aaf4387b17a83f59bf94217b4da540d23d185a61aa124f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53362
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Mar 2023 23:19:56 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/ Frame CDCF 28 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ad83a0bad9cbb33f232d8a1d822c5b74509822daed5de3cb00ea4ee70a81f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8729
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 00:16:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 26 Mar 2024 14:56:23 GMT

GET
DATA 200
OK truncated
/ Frame CDCF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJUXpSLTpOMg_s55BHel_OF_yaRb1xTXK6Zwp-chRcs=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CDCF 2 KB
2 KB 60ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJUXpSLTpOMg_s55BHel_OF_yaRb1xTXK6Zwp-chRcs=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad34d5a84b01aa645c3fc829ba4ecc5c51ea357daabf4972c68bdeaa12f25109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 17:59:06 GMT
x-content-type-options: nosniff
age: 12050
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1722
x-xss-protection: 0
server: fife
etag: "vc7d0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:08:48 GMT

POST
H2 404 error_204 Show response
trfnews.i234.me/ 3 KB
3 KB 174ms
174ms XHR
text/html 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: https://trfnews.i234.me/error_204?a=logerror&t=jserror&type=SyntaxError&msg=Failed%20to%20execute%20%27postMessage%27%20on%20%27Window%27%3A%20Invalid%20target%20origin%20%27data%3A%27%20in%20a%20call%20to%20%27postMessage%27.&line=Not%20available&level=WARNING&client.name=1
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/www-widgetapi.vflset/www-widgetapi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48

Request headers

X-YouTube-Ad-Signals: dt=1680124795829&flash=0&frm&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=1200&biw=1600&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image
X-YouTube-Utc-Offset: 0
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-YouTube-Time-Zone: Etc/Unknown
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
server: nginx
etag: "6245516d-c8c"
content-length: 3212
content-type: text/html

GET
H3 204 generate_204
www.youtube.com/ Frame CDCF 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?V4cqdg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CDCF 90 B
134 B 20ms
19ms XHR
application/json+protobuf 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6085a6eaf2e13f9041dc7aa8e609f8cad8d29ef52a8f660ec24ae2a02cab744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 29 Mar 2023 21:19:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST get_info
bot.webpushr.com/prompt/ 0
0

POST
H/1.1 200
OK session Show response
analytics.webpushr.com/impression/ 0
538 B 37ms
7ms Fetch
text/html 167.71.54.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/session
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 29 Mar 2023 21:19:56 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://trfnews.i234.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ff97354aa9f99ef20d45aaf9caaa30b3508103c6fac49e94ab605726df5d5f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:19:56 GMT
content-md5: hsxJJrXsmf/O82WLG33/GA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: HHvyX7tL0fx8vM6KTlA2u0mtsvTr9UTvHaYGu9KvauPqzJH3gK+KTqp45j61pYnTPW9uycX8vSu59OTb8GP/kw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: b67dd68272f34a0e1a5ad17a52904e90
cross-origin-opener-policy: same-origin-allow-popups
etag: "23d9c5dba87affc5553685d2579e7d60"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 29 Mar 2023 21:22:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CDCF 4 KB
2 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 21:19:56 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e26e3854ba2b0836d97cdc5b0cbbcdeb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86ff56fcfc94d3522945ccf75e4968bc7bdd894b3ccefd173e988c5d4cc9a640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://trfnews.i234.me/
Origin: https://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:19:56 GMT
content-md5: SxnDSAjsPRgpoJkYWOVYng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88586
x-fb-rlafr: 0
x-fb-debug: sd51Or2e9AYZ/S6GG/erWEdJCzY2T4yoV+jUIkDhyrpGC4PWO7C7fDfa4jueRVjnmreCdrrKKLKdYzpozLsPjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a837f1b17673e9f31a9f2ec22d83f9ab
cross-origin-opener-policy: same-origin-allow-popups
etag: "ce1ad8b3d7bd099d4b961104e571ceda"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Mar 2024 20:13:50 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame CDCF 50 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 11:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 30 Mar 2023 11:59:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=659573088993556&ev=fb_page_view&dl=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&rl=&if=false&ts=1680124796358&sw=1600&sh=1200&at=

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:19:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/ 350 KB
117 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3868038712334580&plah=trfnews.i234.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a086a0da01149c9ca15c0dede6316d8ae43172e254a7b59c21c2d797a069899e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119864
x-xss-protection: 0
server: cafe
etag: 16713450859778104343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 21:19:56 GMT

GET
H2 200 Obituary-Tim-Oster-Amundson-Funeral-Home-100x70.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2023/03/ 3 KB
3 KB 151ms
151ms Image
image/jpeg 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/03/Obituary-Tim-Oster-Amundson-Funeral-Home-100x70.jpg?v=1680123994
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: b6d6559b3c8a75be3f76734923cc195cc200176ba1414447baba0759b99558fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
last-modified: Wed, 29 Mar 2023 21:06:38 GMT
server: nginx
etag: "a32-5f8105a20e392"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 2610

GET
H2 200 Obituary-Tim-Oster-Amundson-Funeral-Home-150x150.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2023/03/ 5 KB
6 KB 155ms
155ms Image
image/jpeg 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/03/Obituary-Tim-Oster-Amundson-Funeral-Home-150x150.jpg?v=1680123994
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 3b2e89ba5d426b751c21197a54fb614d94adec06cc928df77fcf569e7e35eab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
last-modified: Wed, 29 Mar 2023 21:06:38 GMT
server: nginx
etag: "1565-5f8105a201c5a"
vary: User-Agent
content-type: image/jpeg
accept-ranges: bytes
content-length: 5477

GET
H2 200 TRF-Man-Charged-With-Vehicle-Theft-100x70.png
trfnews.i234.me/wordpress/wp-content/uploads/2023/03/ 5 KB
6 KB 152ms
151ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/03/TRF-Man-Charged-With-Vehicle-Theft-100x70.png?v=1680086706
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 622699736b107317a1cbca2d8650218e3b33fc60a898bfc768557007b8356919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
last-modified: Wed, 29 Mar 2023 10:51:04 GMT
server: nginx
etag: "1583-5f807c0ac3615"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 5507

GET
H2 200 TRF-Man-Charged-With-Vehicle-Theft-150x150.png
trfnews.i234.me/wordpress/wp-content/uploads/2023/03/ 13 KB
13 KB 150ms
149ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/03/TRF-Man-Charged-With-Vehicle-Theft-150x150.png?v=1680086706
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 81e837b79ec971399b093e7df815dec85038b0d46554ad2853c50019db2af294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
last-modified: Wed, 29 Mar 2023 10:50:42 GMT
server: nginx
etag: "3480-5f807bf5b405d"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 13440

GET
H2 200 U7GXQ5VI4BCONPRDSTGDMBRPWQ-100x70.png
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 3 KB
3 KB 150ms
150ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/U7GXQ5VI4BCONPRDSTGDMBRPWQ-100x70.png?v=1673882204
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 01308519f7b9686fda15269fc7389840325bd6359340b7230c2bb90619a5e053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:01 GMT
last-modified: Mon, 16 Jan 2023 15:23:35 GMT
server: nginx
etag: "b86-5f2632aaf4fae"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 2950

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
600 B 68ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=trfnews.i234.me&callback=_gfp_s_&client=ca-pub-3868038712334580

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3868038712334580&plah=trfnews.i234.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4ebdbcc24b6bf528415788a061b94d0a0044660d11c920ad1f6cca1cc57cc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 61ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 47ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA02 436 B
235 B 106ms
105ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=208453893&adf=1183505835&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796400&bpp=5&bdt=1682&idt=203&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&correlator=5948567071963&frm=20&pv=2&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gdVFo1WLCM&p=https%3A//trfnews.i234.me&dtd=223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0a0274f789119888af5ff2a533d73d7874c099865871e98c451ddf6e98dc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:56 GMT
expires: Wed, 29 Mar 2023 21:19:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 72ms
57ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230327&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

742a90c707a6e4b6bd421fd3cf6160a5fc00fc05c570b020efd3838c3349c996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11154
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91EF 25 KB
6 KB 221ms
218ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&adk=1812271804&adf=3025194257&lmt=1680124796&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_r&format=0x0&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796405&bpp=3&bdt=1686&idt=226&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b619a6de7b8f3016ceab2b752a09df4b900933c96ade22d1a68e5ab1f54687f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5743
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:56 GMT
expires: Wed, 29 Mar 2023 21:19:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 520B 436 B
236 B 192ms
188ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=1357195756&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796408&bpp=1&bdt=1690&idt=257&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1136&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8R9B56dRW&p=https%3A//trfnews.i234.me&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fe3130790919ad9e518ef3d6e4c6c6cfaefaad10c3c05491ce4a72da37218b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:56 GMT
expires: Wed, 29 Mar 2023 21:19:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 007B 32 KB
12 KB 213ms
207ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17b9e8288f08457d2ffd3740aab715ceb3730046c9deebd448be7f0e5f351684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12692
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: Wed, 29 Mar 2023 21:19:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62E3 436 B
236 B 113ms
108ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&slotname=6622280029&adk=2208689566&adf=3262530445&pi=t.ma~as.6622280029&w=300&lmt=1680124796&format=300x250&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796411&bpp=1&bdt=1692&idt=283&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=udQiDyza03&p=https%3A//trfnews.i234.me&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b86fec316e4c220888e3fc932cce153104123d0ac9b5d3d8041ad7ba991ac34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:56 GMT
expires: Wed, 29 Mar 2023 21:19:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 181ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 21:19:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FB8 27 KB
12 KB 153ms
148ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1ff59ab6613ee94e9abba3ba1e294ef7009685861b0eefc073b048b95c58d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12093
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:56 GMT
expires: Wed, 29 Mar 2023 21:19:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 U7GXQ5VI4BCONPRDSTGDMBRPWQ-100x70.png
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 3 KB
3 KB 150ms
150ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/U7GXQ5VI4BCONPRDSTGDMBRPWQ-100x70.png?v=1673882204
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: 01308519f7b9686fda15269fc7389840325bd6359340b7230c2bb90619a5e053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:02 GMT
last-modified: Mon, 16 Jan 2023 15:23:35 GMT
server: nginx
etag: "b86-5f2632aaf4fae"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 2950

GET
H2 200 U7GXQ5VI4BCONPRDSTGDMBRPWQ-150x150.png
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 7 KB
7 KB 150ms
149ms Image
image/png 184.99.187.226
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/U7GXQ5VI4BCONPRDSTGDMBRPWQ-150x150.png?v=1673882204
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.187.226 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-187-226.frgo.qwest.net
Software: nginx /
Resource Hash: db82c768d75f71150536cf33ae28fb009845de7f34099c7de67d5eee900ec1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:20:02 GMT
last-modified: Mon, 16 Jan 2023 15:23:07 GMT
server: nginx
etag: "1c23-5f2632904107c"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 7203

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F6BB 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:42:22 GMT
expires: Thu, 28 Mar 2024 19:42:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2CC 783 B
966 B 18ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4133f474e29ae1b76adfdaad248df44f5b408ed637c06cedf4ab14b0739e6625

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p7UCH3lC4QZFHgH36Rq8Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-p7UCH3lC4QZFHgH36Rq8Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:56 GMT
expires: Wed, 29 Mar 2023 21:19:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D7E 436 B
232 B 130ms
125ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=280&adk=825265365&adf=272046723&pi=t.aa~a.1304393016~rp.1&w=696&fwrn=4&fwrnh=100&lmt=1680124796&rafmt=1&to=qs&pwprc=5217193664&format=696x280&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796959&bpp=2&bdt=2241&idt=2&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5FK9okKdbk&p=https%3A//trfnews.i234.me&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0687d844382901430c6b38c810c183b1e38159ad846305c76b2bf9f9612ad26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2CC 0
0 41ms
41ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230327&jk=2817241397508754&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js Show response
pagead2.googlesyndication.com/bg/ Frame F6BB 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 09:30:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame 8FB8 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 19:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:42:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame 8FB8 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c65c175488a9e52e5ba6a5a510a368d307adb704f74cf8694450e882de26aec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 3460810559063626959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:56:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8FB8 0
0 15ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrXupLLyzh7IFFiDjCGHhDNJKIX-DY473zzH22G547YMfA4W8qlXef8c2dodxrjrHOAOJcytGNJW_BVnfnfYkbTZLOzQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FB8 158 KB
49 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 21:19:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FB8 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsFLSfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSwAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlfnMqoXrXW8T50CRSIspEbUEQKrgzu5sN0juBiAU4kpeTeoUeQk7iABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=e323G3ORfao&uach_m=[UACH]&cid=CAQSKQDUE5ymGUbJfJHRyOSMySnN44Dub4iGuDGy4pptfTCTwUAxbOD37WCmGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Mar 2023 21:19:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8FB8 0
0 53ms
12ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g5tn48yqz6hk45s1mhjr7gf4wn521nyz7vb0g2yrpepbkrgkxng7r571pf76gs3gyp8yz82461sbjb2zbsag9hkqk44xknybzr3p1v7wrgvjzt1gnehzzv1wymeh3qyvetjbv31dkjmag2ac408mfgtnrrgrv7hd1ayg8r8qmt940dmrb2bqvyyygpxn6q7eg7kqyhwa0g04xksg8jb2mbqxmeyeg63b29839m8ww94rjk7171qvc0jk60gpzfa2a1b5vvj10rxjbdqrqg3kfyj5jwaebk5yfp8j33a8zgj8rwygp4s7n02099jjv54s93fmfn8mn65s7fzgc6tv7bx31g4f4hchqcj12ryw741cfhv6wxe3xq0p7e616rp2jcd0emnpphftbvf&b=ZCSrfAANZMwIEd1VAAn2sSq7qc7Gne2b3W6ycQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame B38A 2 KB
3 KB 73ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kxhcb8t2n2pwb691hqm8ybdtp0bs9m5e8e4v33y7jfg8wztkq8yh3fhhcc9tf45yehspfmsw9my1c8xdjgnzdyvzn6pexx9wvm64gdwjfj8ch7m4gdpkzstnk6a1295sqmzzgn6k731w6syzrqnhb13k8s9b6w57s9a82jf0rgryza31x1aabtxxa40bg7r9bnfw4vqs1nysk2hy44n2av79en9gm2av30k9s4yv37af94hh2zr388s21f7516pwy9w8e98g9vze6axqfsd1d6cav4wn5tf7ht1wrezhjsnqke96x8f3aq2n31svf2gaaezc2ze683r93hvsxyer0enp2qe5vdjsahwazcbbzrreszwsyx2q3qxvrkaj77ccac6y8atvq6n50bd9gyqh6sapx8nzcp1q21z5yzbb02cxgp84dkdnn0f4k0xbcbtra34jyv3bg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%26client%3Dca-pub-3868038712334580%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463c631830be269a928313ad7294be59ed443ab215adca4f47472f09768c0926

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7afb276e4b1c91de-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F32C 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 17:46:38 GMT
etag: 48472445140208031
expires: Thu, 30 Mar 2023 17:46:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EDDD 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEYQUfKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSkAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFOp6vOwzENlcpKn4JO53dhsUmWgMDKfYk7yECLtfX6D4nJzPLPLEyABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=YIQW2nTCRxk&uach_m=[UACH]&cid=CAQSKQDUE5ym3WYwLs7jAihXzz2HqDUabR2wfy4W2j3944smV991xny8DI43GAE

Requested by

Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Mar 2023 21:19:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EDDD 0
0 37ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jeabhafx9r574eaw8gg1yyg5td3zfd43xdyej6bd6978yqgb7sxr7hvyd6rmccazq4w6f62q5h94jfqwh8p01f1vrwzpbc9b3dfcbhrdrj1akn1bb74byz0aej3hah2dj2j45fmx7zbh313f9rpdbprf5wd474t7gf9rgskhqka5tnk458j0hkrttqt6ac7nkdem1p6jq4hzhm6stzhzvyx9c51vdeatvb0ynnnxz8pms1spm88zh2cq499q6q1hqp6djjpsrjcbe15hhvnehg1m1c7xwjsr2mn0hq4mhn48j18cjpjj0wdzmvv8d7zn0kvk10wzb19hhg7w1ysa1h48mtkepcnxvvevm8xrc782chwybz6y1mnhdb0kvrk558a8we4twa086kx&b=ZCSrfAANp9wKm5MPAAs7wbrkBF7_uhAEbj3sLQ
Requested by: Host: trfnews.i234.me
URL: https://trfnews.i234.me/wordpress/news-healthy-relationships-for-high-schoolers-a-new-social-media-challenge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame DCEC 2 KB
2 KB 47ms
36ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jw5g02w411ymphx3rvxvrm3p9g5898e698z432qt6n8k4hp55ap8pn89zeg0sn50drtnt7z2twjh6p6mcwjzxj72hgsjvvwx262npdts6zvfyf6dwdjr0nmwz4grnrqtvk0vekrgc86tt6zjnv9nd76dvk9bcawkc8sq9w8b7m47c1s6ye3nz0gyxfe52gxna3vfdq9srzamnj6wqm4y05e3x2nndxy9yd9rpbtp7atjyktgksnej3an09aw33t4r4nnkd7x82sxgmpwywyzvbfwakkhvz9t9kgdpmt8z68p4y1tvta1c6nz7a3reh6wym713ar37kbc6t4ect42tbnygrcdfgw7rfzwxrfed1mmbsyx5x4mrrzx12513377yn1g7jjvnvx68h8x6cc2r5hb78bhk52hdhyr060vc6b3rjdc2ynjvncnxm1qvkkaag4wyzb7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%26client%3Dca-pub-3868038712334580%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

517dfa8885bd28f041ecfe76f4045fc26adbba35d3799e287b9f96c84e77dfc4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7afb276e4b1e91de-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame EDDD 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 19:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:42:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6FD9 1 KB
643 B 19ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 17:46:38 GMT
etag: 48472445140208031
expires: Thu, 30 Mar 2023 17:46:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame EDDD 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c65c175488a9e52e5ba6a5a510a368d307adb704f74cf8694450e882de26aec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 3460810559063626959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 10:56:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EDDD 158 KB
49 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 21:19:57 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame B38A 94 KB
12 KB 24ms
22ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxhcb8t2n2pwb691hqm8ybdtp0bs9m5e8e4v33y7jfg8wztkq8yh3fhhcc9tf45yehspfmsw9my1c8xdjgnzdyvzn6pexx9wvm64gdwjfj8ch7m4gdpkzstnk6a1295sqmzzgn6k731w6syzrqnhb13k8s9b6w57s9a82jf0rgryza31x1aabtxxa40bg7r9bnfw4vqs1nysk2hy44n2av79en9gm2av30k9s4yv37af94hh2zr388s21f7516pwy9w8e98g9vze6axqfsd1d6cav4wn5tf7ht1wrezhjsnqke96x8f3aq2n31svf2gaaezc2ze683r93hvsxyer0enp2qe5vdjsahwazcbbzrreszwsyx2q3qxvrkaj77ccac6y8atvq6n50bd9gyqh6sapx8nzcp1q21z5yzbb02cxgp84dkdnn0f4k0xbcbtra34jyv3bg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kxhcb8t2n2pwb691hqm8ybdtp0bs9m5e8e4v33y7jfg8wztkq8yh3fhhcc9tf45yehspfmsw9my1c8xdjgnzdyvzn6pexx9wvm64gdwjfj8ch7m4gdpkzstnk6a1295sqmzzgn6k731w6syzrqnhb13k8s9b6w57s9a82jf0rgryza31x1aabtxxa40bg7r9bnfw4vqs1nysk2hy44n2av79en9gm2av30k9s4yv37af94hh2zr388s21f7516pwy9w8e98g9vze6axqfsd1d6cav4wn5tf7ht1wrezhjsnqke96x8f3aq2n31svf2gaaezc2ze683r93hvsxyer0enp2qe5vdjsahwazcbbzrreszwsyx2q3qxvrkaj77ccac6y8atvq6n50bd9gyqh6sapx8nzcp1q21z5yzbb02cxgp84dkdnn0f4k0xbcbtra34jyv3bg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%26client%3Dca-pub-3868038712334580%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 38784
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEoGcbRZZuaPVJzcjkqwMD%2FPNBcjLO7MZ4nYD%2BFGOT3hk8BHuvJ5vy5YZJihzyLdT67PFN4rT5HqXsfKfTUOBi4LhRu8NCxrK%2Bhab4rFfhw0ifXtKU5VtRlO37uR%2Fs9kJbz7T%2BH0xiE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7afb276eebce91de-FRA
expires: Wed, 29 Mar 2023 22:19:57 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame B38A 25 KB
10 KB 42ms
22ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxhcb8t2n2pwb691hqm8ybdtp0bs9m5e8e4v33y7jfg8wztkq8yh3fhhcc9tf45yehspfmsw9my1c8xdjgnzdyvzn6pexx9wvm64gdwjfj8ch7m4gdpkzstnk6a1295sqmzzgn6k731w6syzrqnhb13k8s9b6w57s9a82jf0rgryza31x1aabtxxa40bg7r9bnfw4vqs1nysk2hy44n2av79en9gm2av30k9s4yv37af94hh2zr388s21f7516pwy9w8e98g9vze6axqfsd1d6cav4wn5tf7ht1wrezhjsnqke96x8f3aq2n31svf2gaaezc2ze683r93hvsxyer0enp2qe5vdjsahwazcbbzrreszwsyx2q3qxvrkaj77ccac6y8atvq6n50bd9gyqh6sapx8nzcp1q21z5yzbb02cxgp84dkdnn0f4k0xbcbtra34jyv3bg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 512831
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35za9SLKWtFpJrGvOVkc2KIVZArok1p7qz8FkjfksEYEiO3SfEDzuCSS8YiTRaVAbbNqwUmjvabcBioAF2xRcvdB3h3%2BSUPh8coOKoS2yNSohsY2CGjujXPz97ADPPx3BFjRFd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7afb276f0bf991de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 13:45:38 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame DCEC 94 KB
12 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jw5g02w411ymphx3rvxvrm3p9g5898e698z432qt6n8k4hp55ap8pn89zeg0sn50drtnt7z2twjh6p6mcwjzxj72hgsjvvwx262npdts6zvfyf6dwdjr0nmwz4grnrqtvk0vekrgc86tt6zjnv9nd76dvk9bcawkc8sq9w8b7m47c1s6ye3nz0gyxfe52gxna3vfdq9srzamnj6wqm4y05e3x2nndxy9yd9rpbtp7atjyktgksnej3an09aw33t4r4nnkd7x82sxgmpwywyzvbfwakkhvz9t9kgdpmt8z68p4y1tvta1c6nz7a3reh6wym713ar37kbc6t4ect42tbnygrcdfgw7rfzwxrfed1mmbsyx5x4mrrzx12513377yn1g7jjvnvx68h8x6cc2r5hb78bhk52hdhyr060vc6b3rjdc2ynjvncnxm1qvkkaag4wyzb7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jw5g02w411ymphx3rvxvrm3p9g5898e698z432qt6n8k4hp55ap8pn89zeg0sn50drtnt7z2twjh6p6mcwjzxj72hgsjvvwx262npdts6zvfyf6dwdjr0nmwz4grnrqtvk0vekrgc86tt6zjnv9nd76dvk9bcawkc8sq9w8b7m47c1s6ye3nz0gyxfe52gxna3vfdq9srzamnj6wqm4y05e3x2nndxy9yd9rpbtp7atjyktgksnej3an09aw33t4r4nnkd7x82sxgmpwywyzvbfwakkhvz9t9kgdpmt8z68p4y1tvta1c6nz7a3reh6wym713ar37kbc6t4ect42tbnygrcdfgw7rfzwxrfed1mmbsyx5x4mrrzx12513377yn1g7jjvnvx68h8x6cc2r5hb78bhk52hdhyr060vc6b3rjdc2ynjvncnxm1qvkkaag4wyzb7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%26client%3Dca-pub-3868038712334580%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 38784
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Njm9GWUwz0cYIosVzwhf5lldOF2NH6VsknYz3VpH%2BT3EhT3cAdVlKchVZ7rbLB5pMeKGQqFmjPQ0d8z7gJiaiUoRjnQxNSRRCWrG0Mwze3ZHU353W7pKMOVzZp7LuJjK8inwLybYY5U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7afb276efbff914c-FRA
expires: Wed, 29 Mar 2023 22:19:57 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame DCEC 25 KB
10 KB 28ms
19ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jw5g02w411ymphx3rvxvrm3p9g5898e698z432qt6n8k4hp55ap8pn89zeg0sn50drtnt7z2twjh6p6mcwjzxj72hgsjvvwx262npdts6zvfyf6dwdjr0nmwz4grnrqtvk0vekrgc86tt6zjnv9nd76dvk9bcawkc8sq9w8b7m47c1s6ye3nz0gyxfe52gxna3vfdq9srzamnj6wqm4y05e3x2nndxy9yd9rpbtp7atjyktgksnej3an09aw33t4r4nnkd7x82sxgmpwywyzvbfwakkhvz9t9kgdpmt8z68p4y1tvta1c6nz7a3reh6wym713ar37kbc6t4ect42tbnygrcdfgw7rfzwxrfed1mmbsyx5x4mrrzx12513377yn1g7jjvnvx68h8x6cc2r5hb78bhk52hdhyr060vc6b3rjdc2ynjvncnxm1qvkkaag4wyzb7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 512831
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mA9BwWZAnFfBV0KAcuIP7uOEIgWiybDlgGk74hr%2FTz7mibVlZSKIwvwV8V9ziZ7jvr%2FEzBs%2Byhy6S0XwmZoHWEblMi%2FiyJiC%2F%2FpRD46eETZFVU5ezRjOIhNbRmI8rbtfYhqGPxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7afb276f0bf791de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 13:45:38 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F32C 35 B
465 B 40ms
8ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA7lB_btp6WPuUSKgGQooJo&google_cver=1&google_push=Aer7DvLfg7OkvfFbDabECKkP8_4EiMnFBlCrpgwvZIe1e3l9kLyAsQ81amKQXM1iATKyYyEhwrdZf4-tDcVVwAyxLdy1MBIQUK-Wz0ZR

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F32C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkRDZmx1YU0xUEhEZDM1&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cver=1&google_push=Aer7DvJWtXGyV3G0wdNhvFQQLt-_M8lVPdLpj37U3XD6Vip...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkRDZmx1YU0xUEhEZDM1&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cver=1&google_push=Aer7DvJWtXGyV3G0wdNhvFQQLt-_M8lVPdLpj37U3XD6VipxvBmt1tcEhrAlvxYTJJYUa4iIR2-DhtfUDr9X_j8kOwKCVz7I_tCEtQA6

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 21:19:57 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-03d536d47c7b38dcc@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkRDZmx1YU0xUEhEZDM1&google_gid=CAESEKG9lEfI7q_Dsjzs1T9Hw8I&google_cver=1&google_push=Aer7DvJWtXGyV3G0wdNhvFQQLt-_M8lVPdLpj37U3XD6VipxvBmt1tcEhrAlvxYTJJYUa4iIR2-DhtfUDr9X_j8kOwKCVz7I_tCEtQA6
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F32C 70 B
265 B 107ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBknFFoZOLsLQsBGMFeL_i4&google_cver=1&google_push=Aer7DvIyPHNKgBhZMDjK0o_k0wEefrhPyK_cO0Dl7FppCNRRt9ZI0SUE7vyEZUAzZGksAK5GPHaktF5aFHCAi8Uu8B5SWOu77HaXAwfL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F32C 0
173 B 42ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELKCBT7wwOh09Bm7M2bJFGQ&google_cver=1&google_push=Aer7DvJZUMMCxo5yNQZxTGfOc6dmxmlbX2I6l_cQPfze0Srqf-9NpQlUT9300mcDtJaebnVa5BBoQAZSNhuFatc-cgJaBB3YF3v1WUOy
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1680124796&format=728x90&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796412&bpp=1&bdt=1693&idt=292&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jaLPJlTQZ6&p=https%3A//trfnews.i234.me&dtd=296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F32C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDYzvoPGig_JZBM1vc36DWU&google_cver=1&google_push=Aer7DvJL0i4wwgde0A7yL9FyUiJGjGvGCj-KZs_OdS8BJEmtfv6ZNV35G85VK408lPZDZ0fR_L88_EJFrtDVhr...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNjA4MTA1NjMyMzUzMjk0NQ%3D%3D&google_push=Aer7DvJL0i4wwgde0A7yL9FyUiJGjGvGCj-KZs_OdS8BJEmtfv6ZNV35G85VK408lPZDZ0fR_L88_EJFrtDVhr3Lom...

170 B
329 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNjA4MTA1NjMyMzUzMjk0NQ%3D%3D&google_push=Aer7DvJL0i4wwgde0A7yL9FyUiJGjGvGCj-KZs_OdS8BJEmtfv6ZNV35G85VK408lPZDZ0fR_L88_EJFrtDVhr3LomPYDOjHBGHmx6wD

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNjA4MTA1NjMyMzUzMjk0NQ%3D%3D&google_push=Aer7DvJL0i4wwgde0A7yL9FyUiJGjGvGCj-KZs_OdS8BJEmtfv6ZNV35G85VK408lPZDZ0fR_L88_EJFrtDVhr3LomPYDOjHBGHmx6wD
Date: Wed, 29 Mar 2023 21:19:57 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F32C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFmo6Vxr9bvWgSes_R09K9E&google_cver=1&google_push=Aer7DvLW-ruqxTC6I-tJvNcHRqE5JtgzgOKWLicUhJp3vf0yqGRUQmYGQQLT_EDkHwhOjUYMRAU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZVNlhBSVktMU0tSFdJRg==&google_push=Aer7DvLW-ruqxTC6I-tJvNcHRqE5JtgzgOKWLicUhJp3vf0yqGRUQmYGQQLT_EDkHwhOjUYMRAUaB8kehao_CGiMcksWqmHQ6dPIJo9a

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZVNlhBSVktMU0tSFdJRg==&google_push=Aer7DvLW-ruqxTC6I-tJvNcHRqE5JtgzgOKWLicUhJp3vf0yqGRUQmYGQQLT_EDkHwhOjUYMRAUaB8kehao_CGiMcksWqmHQ6dPIJo9a

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZVNlhBSVktMU0tSFdJRg==&google_push=Aer7DvLW-ruqxTC6I-tJvNcHRqE5JtgzgOKWLicUhJp3vf0yqGRUQmYGQQLT_EDkHwhOjUYMRAUaB8kehao_CGiMcksWqmHQ6dPIJo9a
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F32C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHqs7ByMURnUsLxjz7K0OvY&google_cver=1&google_push=Aer7DvLNalq1czjdVHt9HpUYmkU__31JJzDfDwab5uGuCoK4TrV3p2icn3WkUsR4Ko6tuiPR15H1SM6rL6o_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLNalq1czjdVHt9HpUYmkU__31JJzDfDwab5uGuCoK4TrV3p2icn3WkUsR4Ko6tuiPR15H1SM6rL6o_5F9ale5K742O0sV5kU-J

170 B
232 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLNalq1czjdVHt9HpUYmkU__31JJzDfDwab5uGuCoK4TrV3p2icn3WkUsR4Ko6tuiPR15H1SM6rL6o_5F9ale5K742O0sV5kU-J

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLNalq1czjdVHt9HpUYmkU__31JJzDfDwab5uGuCoK4TrV3p2icn3WkUsR4Ko6tuiPR15H1SM6rL6o_5F9ale5K742O0sV5kU-J
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F32C 0
130 B 52ms
14ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In6WlGNKootih4tKy_r99yhy8dvC-6nFnHEYo55MlXfJ_a7lU96ZSxoZB4MMcxzr4TSTZR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8FB8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56090fecce786a5c5950ac7023c8496b44188c88738d746e8a9e06440e10229c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EDDD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eea5d7947ee984bd3ae751fed947624b8bec44ca2e3b4fd6f86e800e97fd8671

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6FD9 0
104 B 1146ms
955ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEH_-iYbHkoZ927bQyyUYmwI&google_cver=1&google_push=Aer7DvIYROFh-AMWh8lMQWDed9CuPtaeYcXFbIXZvfxrzZxYQcXn4rsPb_YkIFf02uNPdDOxlB8bIyUD2JDGgrBQkDEaZGcTZcLy6l0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6FD9 70 B
264 B 40ms
37ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDjjWb_J7_N9L6FWgwB9gGU&google_cver=1&google_push=Aer7DvJCJn8dBBayQodJ6zrMX3am6RlctSc-pCIRCzNYcHV5yb5yHGthIH5DDRvbn_d9vw3KRpCPGSpDN7CHgm7hk3tm6e6PONTGVQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FD9
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPKLmEDS-z_eVyCxfu6X7Rw&google_cver=1&google_push=Aer7DvKQ0ZFWCqaf3-Kjf__u5qWEgMDELX_EOmwmPGn7RJqXLd1qF8zFkhXCknnkLVFpHca_I5TX41bcOMrkd_...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvKQ0ZFWCqaf3-Kjf__u5qWEgMDELX_EOmwmPGn7RJqXLd1qF8zFkhXCknnkLVFpHca_I5TX41bcOMrkd_dM-qbI3-m1PG7HQA&google_hm=hmQkq30GaUun5Db...

170 B
188 B

56ms
39ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvKQ0ZFWCqaf3-Kjf__u5qWEgMDELX_EOmwmPGn7RJqXLd1qF8zFkhXCknnkLVFpHca_I5TX41bcOMrkd_dM-qbI3-m1PG7HQA&google_hm=hmQkq30GaUun5Db0Rg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6424AB7D06694BA7E436F446BLIS

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aer7DvKQ0ZFWCqaf3-Kjf__u5qWEgMDELX_EOmwmPGn7RJqXLd1qF8zFkhXCknnkLVFpHca_I5TX41bcOMrkd_dM-qbI3-m1PG7HQA&google_hm=hmQkq30GaUun5Db0Rg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6424AB7D06694BA7E436F446BLIS
date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FD9
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMyb55GgMz0Y-oy4AiJe8yc&google_cver=1&google_push=Aer7DvL-EytGFhyrJY-3gXnT19gGsOzWbygtqxzciuJ3UUYmD9HxpEK_v4Ju500WFh7MY3ZGnb5QvQhibw0GRqDB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ysoOFr55T3-GVZIE4cxALg2&google_push=Aer7DvL-EytGFhyrJY-3gXnT19gGsOzWbygtqxzciuJ3UUYmD9HxpEK_v4Ju500WFh7MY3ZGnb5QvQhibw0GRqDB_rqv47oYZyBny6M

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ysoOFr55T3-GVZIE4cxALg2&google_push=Aer7DvL-EytGFhyrJY-3gXnT19gGsOzWbygtqxzciuJ3UUYmD9HxpEK_v4Ju500WFh7MY3ZGnb5QvQhibw0GRqDB_rqv47oYZyBny6M

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ysoOFr55T3-GVZIE4cxALg2&google_push=Aer7DvL-EytGFhyrJY-3gXnT19gGsOzWbygtqxzciuJ3UUYmD9HxpEK_v4Ju500WFh7MY3ZGnb5QvQhibw0GRqDB_rqv47oYZyBny6M
x-host: tde-deliveryengine-production-86c874c4d8-gtj9x
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FD9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEITVbyREdbLVpGnjGkJKDPc&google_cver=1&google_push=Aer7DvKo7HmZUCgBwyEmuz-GRPADS01RmGtNaQWu49VZTW3AjkcUiA3Npch65yL-v38fc_KILd6RwWwBcC1ITcPAsONHF5I...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKo7HmZUCgBwyEmuz-GRPADS01RmGtNaQWu49VZTW3AjkcUiA3Npch65yL-v38fc_KILd6RwWwBcC1ITcPAsONHF5IFOFZ2Eik&google_hm=eS00WnNraWxsRTJwRjZ...

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKo7HmZUCgBwyEmuz-GRPADS01RmGtNaQWu49VZTW3AjkcUiA3Npch65yL-v38fc_KILd6RwWwBcC1ITcPAsONHF5IFOFZ2Eik&google_hm=eS00WnNraWxsRTJwRjZPZmo5UjJULmkuaTVsb1liZV9wdn5B

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Mar 2023 21:19:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKo7HmZUCgBwyEmuz-GRPADS01RmGtNaQWu49VZTW3AjkcUiA3Npch65yL-v38fc_KILd6RwWwBcC1ITcPAsONHF5IFOFZ2Eik&google_hm=eS00WnNraWxsRTJwRjZPZmo5UjJULmkuaTVsb1liZV9wdn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FD9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_hm=ZCSrfQsMA996bdiNGk29pQAACK8AAAIB&google_nid=index&google_push=Aer7DvIb-lUOT0SPoaNOSiPpKSV0YyuWVaXgc...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_hm=ZCSrfQsMA996bdiNGk29pQAACK8AAAIB&google_nid=index&google_push=Aer7DvIb-lUOT0SPoaNOSiPpKSV0YyuWVaXgc8UThhP8P0PBMoLxuk03P5LRIAtqNAG770vSX1oOuFJAExl1HtEJbALszwUB5iM0KA

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 21:19:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIBJJOS_P3Lm73PkaB_rbKg&google_hm=ZCSrfQsMA996bdiNGk29pQAACK8AAAIB&google_nid=index&google_push=Aer7DvIb-lUOT0SPoaNOSiPpKSV0YyuWVaXgc8UThhP8P0PBMoLxuk03P5LRIAtqNAG770vSX1oOuFJAExl1HtEJbALszwUB5iM0KA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 6FD9
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOp-YLeIBkp2G8UuKQj6mEE&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLTzkPhuEdeUcQR7gpx7VXFmQ31d-ZQcZ-406jDvc7GYumVQMyXv52vGM_iEEiid0_oyy8m9x0gVdCSDWaPAoQBVyY6N_JpOW0q
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

33ms
33ms

Image
image/gif

2.23.197.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=1523374986&adf=2384712805&pi=t.ma~as.6622280029&w=468&lmt=1680124796&format=468x60&url=https%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fnews-healthy-relationships-for-high-schoolers-a-new-social-media-challenge%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680124796409&bpp=1&bdt=1690&idt=274&shv=r20230327&mjsv=m202303230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=5948567071963&frm=20&pv=1&ga_vid=983628095.1680124796&ga_sid=1680124797&ga_hid=1781056626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=380&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44777877%2C44759926%2C44787455%2C31071268%2C21065725&oid=2&pvsid=2817241397508754&tmod=456875034&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bnzGLwxMoy&p=https%3A//trfnews.i234.me&dtd=279
Protocol: H2
Server: 2.23.197.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 29 Mar 2023 21:19:57 GMT
pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6FD9 0
49 B 19ms
18ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUR7Q0U3clLhRXz7Q6pPxZ-R1okuuG77suem50vfsErPV075lU5eJFTu-DoeprTWDj2IpNLA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B38A 3 KB
3 KB 76ms
23ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3104
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNAK0Cfjs7jtzcd4Or6TE5dU9D8FbSnso26gwDSsWEmzFbOAMx8KQEbpwTyJlEe8R8DbbN6ZLic5cHvzSUMRBo6QBFe20peuCqLFU%2BJK1RxXkKUABzx2ZYfjvovjjm8NxFyFPYS%2FxigCod3eRi%2BauQEd"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7afb277088709104-FRA
expires: Wed, 29 Mar 2023 20:41:23 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DCEC 3 KB
4 KB 75ms
23ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3104
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXs8BoLGh%2FXLxnqF00Swjgx9VgfErAUNiR6fDcRr0USWGwVxLl6XW9T9WJY85gjSdguP3XAwd8B%2FzkEOW9SA4ATtsJFz0qDGdm4F2Hx9e70zOEwyUZxIBPwSIgujtOOL8f229hWRRK13yhPmb5ym%2BFoz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7afb277088729104-FRA
expires: Wed, 29 Mar 2023 20:41:23 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9725 2 KB
1 KB 37ms
33ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 814449
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7afb27703ddd914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eon31rpYsFzuMiYTCKPwZl%2BX2HAxmbkLLO3IpA2efBinn50GohWmZS5EFClbMi6bnkW1kbZtT359woLvk6RSvuCCZrAbPiJLfyY%2BN00ZBtUBBbc%2BE3TwNkm85eIm4QKzUYDTSaQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 851E 2 KB
1 KB 20ms
17ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 814449
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7afb27703de0914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDnymHGauaJeeXUqYR%2BafERsVmRq9j9q64p0uVkavFlUQQFmUq5Roz9ZfqDhe8IzgjgSUelAY18emYI%2B0iMn8pl5u%2BZZnEHmU3Ww9KSbfsCzzTBOB6TI9u76w8sNKBWN9CyWYJs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F6BB 0
10 B 17ms
16ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eAANcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame DCEC 1 KB
2 KB 33ms
33ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 298016ee16422d6e3a8b7defe95189374c3b506c02fc4146a3e3e44f30bdc063

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAtf46mBcWcwDgjGxAg6YwslMrwtBd3w8yLUEKhUwz5WaLJspLhoGnmdqwJ8g%2F0YZs9WN0VEwslBrmfrHk5PNl6A4M2%2BuadGgDSxrOlfc3wlzajcThBsQuEtCqp7%2F8RCNxNU3uA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7afb2770fa1a699f-FRA
x-backend-server: aa-reachservice-group-europe-west1-703m
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 46ms
35ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb2770c9eb699f-FRA
content-length: 24
content-type: text/plain
date: Wed, 29 Mar 2023 21:19:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42rTzSQzpshu6NfKOEF2htSYRZX28rdYHP7rR1BvcD8S7GP74S9QtmxXZmJP7dAvP5lYXpLwWeRm6Li4CiIt7sV9vSbRdcPxIFb%2B79mnrLzQo8Fq8EUTrd8Lr1wokQTV0MZY6Q0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-92fg

POST
H3 200 rs Show response
ad4m.at/ Frame B38A 2 KB
2 KB 34ms
33ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af40cf29ba55b212a65b0b849cd97dc2f9a6cef6917c9dc1ddbaf7e556912a92

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq9jmKQb3n1ZGN43B73n2zDNAa%2BQveGPo80eAnlhkQPgctjyhaSl1p68MNkTpxLEGCHZmhQvts4ibokvJwmY2XfCR5H8D25FH%2BfHPzyHOXa1ClLPmEWK6Wk6sGOU2OpEE2FtKq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7afb2770fa16699f-FRA
x-backend-server: aa-reachservice-group-europe-west1-92fg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
33ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb2770c9ea699f-FRA
content-length: 24
content-type: text/plain
date: Wed, 29 Mar 2023 21:19:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py9fYdykwBan2I87IXFwGs35EsS654Jm2gcqFiNcwg32l33fd8teoTasJlzs7x81qLiyPSqnDRUZolLg%2FCr5SW0aYseJ3xdDlP%2B23BjH9Q2dlyIr9FjtU50tUXS7N%2BAsP8gxVyg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-703m

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CE2F 11 KB
5 KB 30ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3b09afe8c0db190d5eb3832205256634384c8149f2458f8cb6af9384c0a6bc0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kxhcb8t2n2pwb691hqm8ybdtp0bs9m5e8e4v33y7jfg8wztkq8yh3fhhcc9tf45yehspfmsw9my1c8xdjgnzdyvzn6pexx9wvm64gdwjfj8ch7m4gdpkzstnk6a1295sqmzzgn6k731w6syzrqnhb13k8s9b6w57s9a82jf0rgryza31x1aabtxxa40bg7r9bnfw4vqs1nysk2hy44n2av79en9gm2av30k9s4yv37af94hh2zr388s21f7516pwy9w8e98g9vze6axqfsd1d6cav4wn5tf7ht1wrezhjsnqke96x8f3aq2n31svf2gaaezc2ze683r93hvsxyer0enp2qe5vdjsahwazcbbzrreszwsyx2q3qxvrkaj77ccac6y8atvq6n50bd9gyqh6sapx8nzcp1q21z5yzbb02cxgp84dkdnn0f4k0xbcbtra34jyv3bg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%26client%3Dca-pub-3868038712334580%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7afb27713fad914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 904D 5 KB
3 KB 35ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9789506ce2cca7bce0cbd38415033ba46244c89060007d61a90568ef5d3f928

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jw5g02w411ymphx3rvxvrm3p9g5898e698z432qt6n8k4hp55ap8pn89zeg0sn50drtnt7z2twjh6p6mcwjzxj72hgsjvvwx262npdts6zvfyf6dwdjr0nmwz4grnrqtvk0vekrgc86tt6zjnv9nd76dvk9bcawkc8sq9w8b7m47c1s6ye3nz0gyxfe52gxna3vfdq9srzamnj6wqm4y05e3x2nndxy9yd9rpbtp7atjyktgksnej3an09aw33t4r4nnkd7x82sxgmpwywyzvbfwakkhvz9t9kgdpmt8z68p4y1tvta1c6nz7a3reh6wym713ar37kbc6t4ect42tbnygrcdfgw7rfzwxrfed1mmbsyx5x4mrrzx12513377yn1g7jjvnvx68h8x6cc2r5hb78bhk52hdhyr060vc6b3rjdc2ynjvncnxm1qvkkaag4wyzb7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%26client%3Dca-pub-3868038712334580%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7afb27713fb8914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 21:19:57 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame CE2F 94 KB
12 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 38784
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHEeb1uR3rcpxKsH60546vh4nHIyd%2Fu%2Foq4tBaqCHzAqV1uGKB5ibLOeIpg7e627JKS6167ltsEu9sJwWPk%2B0r8bwgPQE5S1gxnDYVtwBWFsfgpCf4gYSofRWHU%2BCT9pCJQ0PGA94TM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7afb27717809914c-FRA
expires: Wed, 29 Mar 2023 22:19:57 GMT

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame CE2F 47 KB
48 KB 39ms
24ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d605bd2ec6ee95ecf8d2966ef89588ff8894e4d9c88ae95c82a59d71ab753d40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1976084
cf-polished: origSize=53992, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48382
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bsngi5FCLwJU8rFdY9RJLtNM1NwhCh8K%2Biwl3ypiCbCF1gCIVlRqCI3O3IGfVMEaCQEXPKKf91g6qpX8HHR6xvMz68T1TEzJF1Y9ZN3WZ%2Bt7ne95SWDkaXo9A9yxRHpiH1y5oH6C4mAjJcri"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3e91de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame CE2F 54 KB
55 KB 30ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 923988
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqzSoDJinduYx8w5tIz1nz0%2B1knGcRhB72fBl3mnC4E4BDkFjGjB80%2BePmMvxPhXVNeDkIMJJvoNmgqIySBVpSssisuQzwhdgkKo%2FYAeU1FbqymXH24kUNTHRVauiL%2BWfw5%2FMbcBmWEPZPvl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3b91de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 904D 94 KB
12 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 38784
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqHA5vhd9Ip4SKLNBepauho1fuZbzULR1MMTZaqe%2BTOQqYaGdQdKvSxoZzascwik1MPXqixMdkrzMsy48n9NzaWZ%2F6KU8hbAUy1SipPTUsSmzYjnhM8cchhfb7rLYD465R8itrbhvWA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7afb27718829914c-FRA
expires: Wed, 29 Mar 2023 22:19:57 GMT

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 904D 47 KB
48 KB 31ms
26ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d605bd2ec6ee95ecf8d2966ef89588ff8894e4d9c88ae95c82a59d71ab753d40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1976084
cf-polished: origSize=53992, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48382
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRUzxfESdWSwuZvCsGy7iY0iLGllef%2F6fvqtkosolC8QRDvrJpVvRyuFMVpLd71wRCXXH4JIMeHgq6GPpaS3IVv1jqHjwx07bc6r%2BRwmOMSHhZV3YccYKkKlezpYnK9nSleJf0Vr1%2FyP7E9e"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f4091de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 904D 54 KB
55 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 923988
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDnAtY8S2iPj4Kk%2F4qFVocE%2Fmp59J7tEXK0uRi84uOPW3Wt4T%2B74bt5aHcfstFF5OR%2BM5VY6O0yGxH55%2FyA4tgdv6H0WUZ9lRzG4S8lUPUwy%2B25INwUtydHF1F4RN%2FwoAL06TIEDQp5QBSy2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3791de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame CE2F 2 KB
3 KB 27ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1109724
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7S43hl8kGPkm7bF8vl0zBSkDPsXqYFxyd64Iz7uj54JE5DlJea5RZ2UuJ%2FvBmwl2i9%2F70XvN2jvVJgjO1PDIUytD2nhmqf0AEFofni9hgW%2B2B%2BLQF4pmfEgXlqVSHYQMA8MvBH6ux7Vs54%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3a91de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame CE2F 339 KB
340 KB 29ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91028
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMR7uSYhHvOgOlIez9HL3Gf0cKckhFfMySt3GeCw00rvy%2F99UO9wg4SsLfp6E7xIRcEgiLlX0RCvtTio%2FLMbeO0Jq7ycmbVL6mOzuT60XE3dhEXPLhLwBdGjZAWGkFgX%2F4iJOWI2EBglY3kQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3d91de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CE2F 43 B
702 B 233ms
110ms Image
image/gif 23.40.2.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.40.2.151 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-2-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 21:19:57 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame CE2F 36 KB
36 KB 21ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1479193
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqNYjJ7ztIQc6f4lyR8MnN4umw5VqSpD9oEkTXjR%2FUtSU7OWODjlqtm7oh780IXoOAboVKsTXOR1P5HqWJhDQ8qESJ5CuW7%2FSSQHw4KjDFAxwHEgeFteZ0tJHn4PVKRj7THo22tfwRiMUq9Y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3591de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame CE2F 28 KB
29 KB 22ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1727008
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0GEKA%2Fn%2FAUyuvcWHE7RC%2F0Ey1g0jKZ89FamS%2Fe3WYxNSBsTdJq57vHO%2BEDS1%2ByEvLZpnSTJlW8Kof6oHOKy2i0nDdliRXL%2BdlHoqrTwXaM%2FFK8%2BNy32CQrG2%2FwlBZgzbXiCipHdnYbK%2BkGD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7afb27718f3991de-FRA
expires: Thu, 30 Mar 2023 21:19:57 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CE2F 43 B
702 B 345ms
111ms Image
image/gif 23.40.2.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.40.2.151 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-2-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 21:19:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame CE2F 2 KB
2 KB 151ms
83ms Script
text/html 52.56.129.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hby2bx7r2ysvs0hbn53af084pjhep4nd2gactfdq51akp4vzyp152b9aac2b9bgz9bnfsb7m7rnwymh77zcjty9ak27gr7s4a1crh8qbrb3fy22vx6rn78pxkgzn5xb4x392we2t4h3sjcda44bnpnm378yvsnfwj4q2ard9xsv5wq60rw7vasf8pjaq2vkh5jk8q9py63s8ay8vdvg918rvhxssr5mhmezcfj7snrnck2pwra821zvav5zxjnne370%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%252526client%25253Dca-pub-3868038712334580%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=c550d3cfe75565fa6dc81331317671fb%2F7988875580430943899&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797616&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.129.202 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-129-202.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ea35eced2b8dd47393638ac0444d375d3b65dd504ed08112faa677dd09911681

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
last-modified: Wed, 29 Mar 2023 21:19:57 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 29 Mar 2023 21:20:57 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 904D 2 KB
2 KB 130ms
73ms Script
text/html 52.56.129.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k73c5xq39n9wjc2ts1hhdtf0mb3fak7qkjyr2xgzvhb6s3rv35jzkscm3fbsxz3sa535h2js0c63dxvn2ysscc5apbgsen98jm5cgx3d0nm96cb1rrgp4cv1x34ps2ppz4jfn17h2tty9gnaz9zhwmpj4hmt3p92gde7w99ddjm9rc06q9mpqkn81rrn74n9s3z37nts3jhgt9t9vkb4m6w4e3r4pdf4a6hqhp36232pd5r6bg4wp7408tn2mgmtk4g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%252526client%25253Dca-pub-3868038712334580%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.129.202 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-129-202.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 9812b69478cc6603f3eb3ea89b1527538ca6b6b5baaa2eb6e08049f29a9cde11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:19:57 GMT
last-modified: Wed, 29 Mar 2023 21:19:57 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 29 Mar 2023 21:20:57 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 904D 85 KB
31 KB 50ms
7ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k73c5xq39n9wjc2ts1hhdtf0mb3fak7qkjyr2xgzvhb6s3rv35jzkscm3fbsxz3sa535h2js0c63dxvn2ysscc5apbgsen98jm5cgx3d0nm96cb1rrgp4cv1x34ps2ppz4jfn17h2tty9gnaz9zhwmpj4hmt3p92gde7w99ddjm9rc06q9mpqkn81rrn74n9s3z37nts3jhgt9t9vkb4m6w4e3r4pdf4a6hqhp36232pd5r6bg4wp7408tn2mgmtk4g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%252526client%25253Dca-pub-3868038712334580%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:43:23 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 74195
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: vgip5jXKNrSDjS0AOJnXRH5KapsUJ_omMCHrdA2Wv7hKOqmGNWvbWA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 904D 15 KB
15 KB 45ms
7ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1680125097&Signature=mmtr4NzAl~35n5FeomvIfV0Hv0d7d5gSfYaeovr4dvuvFgplSChlJ0J-7Im2wU~LMuhIU8Ay3rVU5fwXK7nf9QR5S1sGML6H9MIJUog7TcrIBoSN8wAsYcY2V0Gcpzo9iHlx7~pouQ-8h2kOVcKlh165KyfallZyRrO1KKbKkabLWv-K8nW6g-Au76J4prs0kJnZRgrwe~--flgm8treDoPIojV2E0iu3q7yDhJ28L8zQaY6xguLYas7-kPNK2x~d~jE9uriZa8yGxhHKqXg9gky-nXyCFhP~xTVGdLbhYo~g1XtR5XKynssECMUvxE0QRXvwpDsBZZDucO~Xdrc-Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW&c=320&d=50&e=&g=4cac2ab6d8f9ae5b0f26b49e0575210b%2F5371679775668650549&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1680124797618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7gn4hggnc77y6mkahpdjgyep43v9e3rw6zmbegcv3dgjpcmrb6f1mxv9bvrsjhpfbddb7sf7cnj7n232qv1cfakxqr96sgp63jfstg2znyksxxwp7cbykmk3wyte9krxa78ha2hkbcdrce8sa8fqskscmw3064fd0q10rj3b536ckzxwn4hr6jwhz2magb0qbq5h3v4v719mss5njxqhcpw7gtw8s2yq6gpm3ncwwfqbv96e3bd49vqyx118s335qxekv6rggcqty4bf3kdf9hqw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0-6afKskZNzPNo-m7gTB96z4A5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpAuNOwo7-KbI-qAMBqgSnAk_QfGPtUKxCLOyQH6PIOASmtvSyFCsLC3pMNI2EUFRW6Tj5XtKfD1NFrEyibTPgEDpuSHJDZPiebQInJlTlVlzp6XQn2eBZ3jrpftO43iFTdVCVs1N62eAz80I813VNabk5_92yk_F4ZB02xJZN-pJT-fBgm0QbSt33PoR7duKe_VCsnSNCHvOAdFigY82N6lQqadYmgptjesJMreJtl0lBvGDQOcNHp89wJ1lAVbys6fnwtFpM0VVFodzh_4mfRbPD7awkJ9T1rFNTbjukX9bjJGJC7teAV9euHlDwzL91KlsL_8kDmM_X4QkoZhO9ZF5VGgwEXUWtCLbe9uFO5anvUeb0EoqCGMrYPT7zQ3CCim3AU5HmSILCJw1uEaXRGS5QbIS5tg-ABrHCidmg6dXLkAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2v8RCYuRHD-dgzcFDBPHCDz8veJg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 29 Mar 2023 01:55:56 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 69842
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: KSbI36wbzbzLhp5vOmqD5pxbW16xgW28Tw0E_E8BEj6R06KoRWJECw==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame CE2F 85 KB
31 KB 46ms
13ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hby2bx7r2ysvs0hbn53af084pjhep4nd2gactfdq51akp4vzyp152b9aac2b9bgz9bnfsb7m7rnwymh77zcjty9ak27gr7s4a1crh8qbrb3fy22vx6rn78pxkgzn5xb4x392we2t4h3sjcda44bnpnm378yvsnfwj4q2ard9xsv5wq60rw7vasf8pjaq2vkh5jk8q9py63s8ay8vdvg918rvhxssr5mhmezcfj7snrnck2pwra821zvav5zxjnne370%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%252526client%25253Dca-pub-3868038712334580%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:43:23 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 74195
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: LgSrGSTrkl4EVJTxxQvt884D-bdQ2DD2QuHfoGRibQ--XC52SMnekA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame CE2F 15 KB
15 KB 35ms
7ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1680125097&Signature=mmtr4NzAl~35n5FeomvIfV0Hv0d7d5gSfYaeovr4dvuvFgplSChlJ0J-7Im2wU~LMuhIU8Ay3rVU5fwXK7nf9QR5S1sGML6H9MIJUog7TcrIBoSN8wAsYcY2V0Gcpzo9iHlx7~pouQ-8h2kOVcKlh165KyfallZyRrO1KKbKkabLWv-K8nW6g-Au76J4prs0kJnZRgrwe~--flgm8treDoPIojV2E0iu3q7yDhJ28L8zQaY6xguLYas7-kPNK2x~d~jE9uriZa8yGxhHKqXg9gky-nXyCFhP~xTVGdLbhYo~g1XtR5XKynssECMUvxE0QRXvwpDsBZZDucO~Xdrc-Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hby2bx7r2ysvs0hbn53af084pjhep4nd2gactfdq51akp4vzyp152b9aac2b9bgz9bnfsb7m7rnwymh77zcjty9ak27gr7s4a1crh8qbrb3fy22vx6rn78pxkgzn5xb4x392we2t4h3sjcda44bnpnm378yvsnfwj4q2ard9xsv5wq60rw7vasf8pjaq2vkh5jk8q9py63s8ay8vdvg918rvhxssr5mhmezcfj7snrnck2pwra821zvav5zxjnne370%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hwc01fyws57qmezbxky20csz7acm4j4xppgn8adeydrjvvktkyg0jtaf051p7wepzq7b4znn0tmmjjt53zsvrv5mf24dmp62fha2f4wsc7h9xd4a67j230hener6d60ne2ak42ewgcn2faytrzc5d3y265krtyvybqe5fgtkha45dy0a4b91bx2tt4bvx3v435x7esrk689wjafkwtge26yth0404j4srvedjda691tnm37a1j6ecvq2dvrax7es1t8207sxq6nrxv516dz6ms398%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXbeXfKskZMzJNdW6x_APse2n4AuQ4YGEXLaoworwAsCNtwEQASAAYO0EggEXY2EtcHViLTM4NjgwMzg3MTIzMzQ1ODDIAQmpApTfafvMMLI-qAMBqgSzAk_Qspn3DiAq_IdA6BVR2-yJnfmuxFzi91WOuNYxgYdgxwu5DgVoVP5WejDREP_lmQK9_H79BvEAs6sHy3D88eO5rA9XKfXtPlUb1WJLx8PJ5X2NfQjjJDIsSbtPWs2YyCFmQkyWuKfUAJmoAlAbaE_VNPywoMlUiL9epQRzoKqsBPS0ZCDwBgLKNT3k6bWAs8sCnz8cJrvYCGehOx3XodTBUS3rlIUHf1TYPS9rjzALvY6Y9j7lw6wgG2_R6rbVT6ncgiRBczLw4Oy_vRILo3iG9ABb6T_vwtrnQ0NuaqYdK5AAgM7jd81jqpgtFMBJLCs8ddxKm9i7l4oMQCyLwB-FJfNgcjvMLTlf3siJzGIvdn68jlweaNiJon0epKHkyNupDiIrk7awu8jGdJsP03AO0h2ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3cR72fM_DKwNNTLiqMTzi1MSEutA%252526client%25253Dca-pub-3868038712334580%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 29 Mar 2023 01:55:56 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 69842
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: ekf8KQDW-DV-jcn5O4gOS5m2E21jOv2-KQD1zRyDe9STY9ZsYg3y2w==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230327&jk=2817241397508754&bg=!bG-lbzvNAAbO2UOH7tk7ADkAdvg8Wl3A85Z2yJvFPGWy1up9d3jO72wfWp3JeaRSxGShN1pHTw2op_3-iJPkUp3L4WNNb_FGiPYCAAABUFIAAAAEaAEHCgATYtzvrY4rNvQr3gILx-VzZMQes5kCoWnx507R7Dlhdo8exLaS_ppkatyw-nKgjvgQPBJGKQjtLlzYK87_Mpw4ZwDXVWBE7_P9SDurNCy-OPhzuPf6vzVC0bm6aHfCZww9UXY2dSB-XUcNTIYglExUCpGvN9eCw9UvXiWwnU7lxId6jnJXM4qEiCiaR_H6GHWr5pEf8EZ9bpVLBKmUV9Opaqi6C5P9p90nhj62O1z1aXcCn3G6GbR6gR7sxbbYoZqtPfwkXsD_W7qqAHQUITqa4Y9vYTM4lzEsyTvU0RZy8Ij2xjMQw2rL9Rs8AkRbhiI4aMc_vjrgEpyS_q0RKUB4o9mPpsnXjBabWnVj54VQZScyO47hRQz8JXRT_q9JhIlf05X4B1KCvxtrnZuhKOsRCZ821WRpOEUb9vyKJf2BUFh3wuNV1yll5wfX-YlgvMpkEV6qpzwhDGDzopzF0a1EClgIFPwtDRGfRG7KK0Sai1W_HHTA25ScovoarpvRYsKK1XMUBPtVT4r4qESCX_S8gNhAurjRI_-Fm-Klivwi3tubsLr96wx9wUKQNbyhPiJmfM1TBWCAvCZcNjHg5Hi5vLQ30cX5ELJN5Mth-SFtkjGn0eyHyGvOi8j5s8HcdgWUriKo6Ow54IDxARfcsnZA5QRj6kq7RuqYaDCNvdgCp5kcRBMZZxXCckqQn5AYdyYxdC40bKyTu0e_etb4MSccXNpu_MXq4oKXYV-mAKkTp4I0WAyWaQr8MqyoPAp28EyyK1Ae2x3rgXoKzVHDR57FnmlHZ9K45QJMx5PDtZs0H5nWf9JaNMdWGGPUXrQMX3hx84YpMWF56hVJ4rIu636S5CgS9bVW43IAh0pmgD1qMw83rWUxEWWqdXZcQ3744ny0icMLCtL1tuhKvB6bji0YCOutB3Y3Vic
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CDCF 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/931a8913/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-Goog-Request-Time: 1680124798314
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Q19IGkI2WEs?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
X-YouTube-Client-Version: 1.20230326.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtBR2tQeWIyN0FsZyj71pKhBg%3D%3D
X-YouTube-Ad-Signals: dt=1680124795806&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C560&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 29 Mar 2023 21:19:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 29 Mar 2023 21:19:58 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 904D 16 B
232 B 79ms
77ms Fetch
application/json 13.41.237.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.237.201 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-237-201.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:19:58 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 97ms
21ms Preflight 13.41.237.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.237.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-237-201.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 29 Mar 2023 21:19:58 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame CE2F 16 B
232 B 67ms
66ms Fetch
application/json 13.41.237.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.237.201 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-237-201.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:19:58 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 82ms
22ms Preflight 13.41.237.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.237.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-237-201.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 29 Mar 2023 21:19:58 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bot.webpushr.com
URL: https://bot.webpushr.com/prompt/get_info

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trfnews.i234.me/wordpress/	1970-01-20 10:43:31	Name: pvc_visits[0] Value: 1680211196b40839
.trfnews.i234.me/	1970-01-20 20:18:04	Name: _ga_NW06L14YXV Value: GS1.1.1680124795.1.0.1680124795.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _umMSkcgC9w
.youtube.com/	1970-01-20 15:01:16	Name: VISITOR_INFO1_LIVE Value: AGkPyb27Alg
.trfnews.i234.me/	1970-01-20 20:18:04	Name: _ga Value: GA1.3.983628095.1680124796
.trfnews.i234.me/	1970-01-20 10:43:31	Name: _gid Value: GA1.3.70446630.1680124796
.trfnews.i234.me/	1970-01-20 10:42:04	Name: _gat_gtag_UA_129116107_3 Value: 1
.doubleclick.net/	1970-01-20 20:03:40	Name: IDE Value: AHWqTUmI75gIsp3sK3bAW3nmiI6n-tgTkwwq2AZwLK1W7aKLkYmIWTYDivC1B-PQ4uc
.quantserve.com/	1970-01-20 12:51:40	Name: d Value: EGABCQHQKIEA
.quantserve.com/	1970-01-20 20:12:19	Name: mc Value: 6424ab7d-4ba27-5ad70-80d7c
.adfarm1.adition.com/	1970-01-20 12:51:40	Name: UserID1 Value: 7216081056323532945
.blismedia.com/	1970-01-20 19:27:44	Name: b Value: 6424AB7D06694BA7E436F446BLIS
.w55c.net/	1970-01-20 20:13:45	Name: wfivefivec Value: RDCfluaM1PHDd35
.w55c.net/	1970-01-20 11:25:16	Name: matchgoogle Value: 5
.travelaudience.com/	1970-01-20 20:13:45	Name: _tracker Value: %7B%22UUID%22%3A%22CACA0E16-BE79-4F7F-8655-9204E1CC402E%22%7D
.casalemedia.com/	1970-01-20 19:27:40	Name: CMID Value: ZCSrfQsMA996bdiNGk29pQAA
.casalemedia.com/	1970-01-20 12:51:40	Name: CMPS Value: 2223
.casalemedia.com/	1970-01-20 12:51:40	Name: CMPRO Value: 2223
.yahoo.com/	1970-01-20 19:28:02	Name: A3 Value: d=AQABBH2rJGQCENVJraRtOOpROBinBe1yGroFEgEBAQH8JWQuZAAAAAAA_eMAAA&S=AQAAAktIzftQ5bk7KW8aEaa-U1s
.awin1.com/	1970-01-20 10:44:57	Name: awpv20044 Value: 412871\|1680124797\|750e60a0-ce77-11ed-b00f-2238801674a3
.awin1.com/	1970-01-20 10:44:57	Name: awpv14702 Value: 412871\|1680124797\|7520b023-ce77-11ed-b6bf-22318f8574b4
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/1.jpg?v=1670241682 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/13.jpg?v=1670241907 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trfnews.i234.me/error_204?a=logerror&t=jserror&type=SyntaxError&msg=Failed%20to%20execute%20%27postMessage%27%20on%20%27Window%27%3A%20Invalid%20target%20origin%20%27data%3A%27%20in%20a%20call%20to%20%27postMessage%27.&line=Not%20available&level=WARNING&client.name=1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
analytics.webpushr.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bot.webpushr.com
cdn.track.production.webgains.team
cdn.webpushr.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
region1.google-analytics.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trfnews.i234.me
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
bot.webpushr.com
13.41.237.201
142.250.185.194
167.71.54.9
18.66.147.98
184.99.187.226
185.80.39.216
2.23.197.36
2001:4860:4802:32::36
2001:4860:4802:34::178
23.40.2.151
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2016
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:fa8:8806:13::1370
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3601:eb09:ecfd:dac6:f566
3.33.220.150
34.96.105.8
35.190.0.66
46.101.145.111
51.75.86.98
52.28.63.52
52.56.129.202
69.173.144.139
85.114.159.118
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01308519f7b9686fda15269fc7389840325bd6359340b7230c2bb90619a5e053
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07eedabca3ad6616a40e1253b51c2b398db458c0d088217e663880cfdc4c96c6
092804d065eee9d096bea623a228ce7fe27d7791cd9f50f2d3faa63b1c54668a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e457e2007cb6ce944119c43898dd894d210bcf2fbd3afe7e13092da7af51ce5
1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0
10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2
13b67107cd25011fb7544b2c9735c199569411e92273a52cd380f39c19bb7259
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
17b9e8288f08457d2ffd3740aab715ceb3730046c9deebd448be7f0e5f351684
192381ee07acebed60bd6c0829a3b941004e2f46f10b2000a937668cdd3009ac
1ad83a0bad9cbb33f232d8a1d822c5b74509822daed5de3cb00ea4ee70a81f91
211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
298016ee16422d6e3a8b7defe95189374c3b506c02fc4146a3e3e44f30bdc063
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1ff59ab6613ee94e9abba3ba1e294ef7009685861b0eefc073b048b95c58d8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35cf24d2125ee634ad18070ecc44ec9d73e736b7d3b24f83d0fd274d780b448a
3adeef26fad2c537c7506bf1f293c1d3125c059dd57a660a6c5f5625ad9d69c2
3b2e89ba5d426b751c21197a54fb614d94adec06cc928df77fcf569e7e35eab2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
4133f474e29ae1b76adfdaad248df44f5b408ed637c06cedf4ab14b0739e6625
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
463c631830be269a928313ad7294be59ed443ab215adca4f47472f09768c0926
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
517dfa8885bd28f041ecfe76f4045fc26adbba35d3799e287b9f96c84e77dfc4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56090fecce786a5c5950ac7023c8496b44188c88738d746e8a9e06440e10229c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cac34e6b4b21c0ed6aaf4387b17a83f59bf94217b4da540d23d185a61aa124f
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272
5fe7a6fa7b5793197731b7aef42cc21bd18c19491c2479a164b45d8eb288d399
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622699736b107317a1cbca2d8650218e3b33fc60a898bfc768557007b8356919
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff97354aa9f99ef20d45aaf9caaa30b3508103c6fac49e94ab605726df5d5f5
742a90c707a6e4b6bd421fd3cf6160a5fc00fc05c570b020efd3838c3349c996
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7fe3130790919ad9e518ef3d6e4c6c6cfaefaad10c3c05491ce4a72da37218b6
81e837b79ec971399b093e7df815dec85038b0d46554ad2853c50019db2af294
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
86ff56fcfc94d3522945ccf75e4968bc7bdd894b3ccefd173e988c5d4cc9a640
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b619a6de7b8f3016ceab2b752a09df4b900933c96ade22d1a68e5ab1f54687f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
952ced9b3c00cf94d0426377dc8cd434bdb3784dee2695958bd985983a5dcf88
9812b69478cc6603f3eb3ea89b1527538ca6b6b5baaa2eb6e08049f29a9cde11
987eb3b6bcddc8840293b70321b1cff9d39476c0180cccfb20f41692d7d85283
99fb208feb8147fd4338def0edbbfd590d7508680ccef92ef4f7ec3419009616
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9d675e4f59769f8bee80ab6fdf0d108324d1d577d6e195c6e121db8a7bb6784f
a0687d844382901430c6b38c810c183b1e38159ad846305c76b2bf9f9612ad26
a086a0da01149c9ca15c0dede6316d8ae43172e254a7b59c21c2d797a069899e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a962e78b49ce53432989233f836159d3342453863692b895db9b17ac4c7f725c
a9789506ce2cca7bce0cbd38415033ba46244c89060007d61a90568ef5d3f928
ad34d5a84b01aa645c3fc829ba4ecc5c51ea357daabf4972c68bdeaa12f25109
af40cf29ba55b212a65b0b849cd97dc2f9a6cef6917c9dc1ddbaf7e556912a92
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6d6559b3c8a75be3f76734923cc195cc200176ba1414447baba0759b99558fe
b70798fde2cc3f682d906eb5fa690b150888bfb4eb7257cd1f61faf558f0b1f6
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
b7a793103cc02f4757648f3abe5499ee69acc5cabe284adab055da40ff9e3fe9
b86fec316e4c220888e3fc932cce153104123d0ac9b5d3d8041ad7ba991ac34d
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf0a0274f789119888af5ff2a533d73d7874c099865871e98c451ddf6e98dc1c
bf3f1b48fb05fd6d2361da077bbb1937c0393a44937431c359524bf6baed326a
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c65c175488a9e52e5ba6a5a510a368d307adb704f74cf8694450e882de26aec3
c7f811b4f9d721c111efd871b6cc731ab934b090d0fda2ed3cbc04b3e5476c58
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cfd52c0202d3aa458abd7018d0da13971b9b27eccbdfd79d1a13ec33176634b9
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d3b09afe8c0db190d5eb3832205256634384c8149f2458f8cb6af9384c0a6bc0
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d605bd2ec6ee95ecf8d2966ef89588ff8894e4d9c88ae95c82a59d71ab753d40
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9e96ee41cc291ec92aa96991e655bbe3d13e59c027288d38ad550106c9e1f54
db72bfc2feb950f0a2001228eabe132f3ffb213283453b1d374e3cd641d68c4a
db82c768d75f71150536cf33ae28fb009845de7f34099c7de67d5eee900ec1bc
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e9c251d0f2216133d2268e3dad5ccac1339740d4460044c0a2fc5ec8f0681829
ea35eced2b8dd47393638ac0444d375d3b65dd504ed08112faa677dd09911681
ea47b34c50423f562f48cc0de9b50054362a8d431a81a075f5fa2d333a5e1100
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea5d7947ee984bd3ae751fed947624b8bec44ca2e3b4fd6f86e800e97fd8671
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4ebdbcc24b6bf528415788a061b94d0a0044660d11c920ad1f6cca1cc57cc90
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6085a6eaf2e13f9041dc7aa8e609f8cad8d29ef52a8f660ec24ae2a02cab744
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ffe72da830df829bce216164b9feb9f2a6b2f5273dbcbe64f27d00cab07e598c

trfnews.i234.me Open in urlscan Pro 184.99.187.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

94 %HTTPS

60 %IPv6

35 Domains

48 Subdomains

40 IPs

7 Countries

3421 kBTransfer

9321 kBSize

22 Cookies

7 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trfnews.i234.me Open in urlscan Pro
184.99.187.226 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

94 %
HTTPS

60 %
IPv6

35
Domains

48
Subdomains

40
IPs

7
Countries

3421 kB
Transfer

9321 kB
Size

22
Cookies

174 HTTP transactions
9 data transactions