www.wpgxfox28.com Open in urlscan Pro
2606:4700:4400::ac40:9409 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wpgxfox28.com/
Submission: On October 26 via api (October 26th 2022, 12:57:36 am UTC) from SG — Scanned from DE

Summary HTTP 255 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 24 domains to perform 255 HTTP transactions. The main IP is 2606:4700:4400::ac40:9409, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wpgxfox28.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on March 2nd 2022. Valid for: a year.

This is the only time www.wpgxfox28.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:440... 2606:4700:4400::ac40:9409	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:440... 2606:4700:4400::ac40:94e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:440... 2606:4700:4400::6812:2862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700:440... 2606:4700:4400::6812:2776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:340... 2a02:26f0:3400::1702:d13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
13	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
9 12	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5 11	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 8	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
48	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:6::17d5:a191	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1 2	3.122.30.254 3.122.30.254	16509 (AMAZON-02) (AMAZON-02)
255	34

7 2606:4700:4400::ac40:9409 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wpgxfox28.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:94e4 (United States)

ASN13335 (CLOUDFLARENET, US)

ngw-static.franklyinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:2862 (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ftpcontent6.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:4400::6812:2776 (United States)

ASN13335 (CLOUDFLARENET, US)

wpgx.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stacker.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prsubmitpresslifestyle.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cntsyncont.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3400::1702:d13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.20 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:6::17d5:a191 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.30.254 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-30-254.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147	747 KB
48	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	445 KB
41	worldnow.com ftpcontent.worldnow.com — Cisco Umbrella Rank: 144531 ftpcontent6.worldnow.com wpgx.images.worldnow.com content.worldnow.com — Cisco Umbrella Rank: 162670 stacker.images.worldnow.com prsubmitpresslifestyle.images.worldnow.com cntsyncont.images.worldnow.com	2 MB
36	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	278 KB
13	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28840	1 MB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	9 KB
11	franklyinc.com ngw-static.franklyinc.com — Cisco Umbrella Rank: 158251	1 MB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	8 KB
7	wpgxfox28.com www.wpgxfox28.com	145 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	124 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	213 KB
5	gstatic.com fonts.gstatic.com	106 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9427	109 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668 www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	130 KB
3	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 32977 p.cityspark.com — Cisco Umbrella Rank: 22523	29 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 52620	757 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	31 KB
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 29972	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
255	24

	Domain	Requested by
48	s0.2mdn.net	www.wpgxfox28.com s0.2mdn.net 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
24	pagead2.googlesyndication.com	www.wpgxfox28.com 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net
22	tpc.googlesyndication.com	5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.wpgxfox28.com
16	wpgx.images.worldnow.com	www.wpgxfox28.com wpgx.images.worldnow.com
13	citysparkstorage.blob.core.windows.net	www.wpgxfox28.com
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.wpgxfox28.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
11	ngw-static.franklyinc.com	www.wpgxfox28.com ngw-static.franklyinc.com
10	cntsyncont.images.worldnow.com	www.wpgxfox28.com
8	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	www.wpgxfox28.com	www.wpgxfox28.com ngw-static.franklyinc.com
6	googleads4.g.doubleclick.net	www.wpgxfox28.com
6	ftpcontent.worldnow.com	www.wpgxfox28.com content.worldnow.com
5	cdn.ampproject.org	5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com www.wpgxfox28.com
5	5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	content.worldnow.com 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	stacker.images.worldnow.com	www.wpgxfox28.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wpgxfox28.com
3	content.worldnow.com	wpgx.images.worldnow.com
3	fonts.googleapis.com	ftpcontent.worldnow.com client 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
2	d.adtriba.com	1 redirects 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
2	cdn.doubleverify.com	securepubads.g.doubleclick.net www.wpgxfox28.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	prsubmitpresslifestyle.images.worldnow.com	www.wpgxfox28.com
2	p.cityspark.com	cdn.cityspark.com
2	www.googletagmanager.com	www.wpgxfox28.com
2	cdnjs.cloudflare.com	www.wpgxfox28.com cdn.cityspark.com
2	maxcdn.bootstrapcdn.com	www.wpgxfox28.com
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	csp.azureedge.net	cdn.cityspark.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	imasdk.googleapis.com	content.worldnow.com
1	cdn.cityspark.com	www.wpgxfox28.com
1	code.jquery.com	www.wpgxfox28.com
1	ftpcontent6.worldnow.com	www.wpgxfox28.com
255	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
wpgxfox28.com
portal.cityspark.com
www.grittv.com
publicfiles.fcc.gov
www.aboutads.info
www.franklymedia.com

Subject Issuer	Validity	Valid
www.wpgxfox28.com Cloudflare Inc RSA CA-2	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.worldnow.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.wpgxfox28.com/
Frame ID: 44C02B1A37DC78C7606C6ADF148BFDAF
Requests: 114 HTTP requests in this frame

Frame: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE3E7A5EA5286D98E63C1466A3E16ED0
Requests: 1 HTTP requests in this frame

Frame: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8BA123E056A798FFCBF18842C4BFC3B
Requests: 13 HTTP requests in this frame

Frame: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C841BB435BE676C847A7E2898563B334
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjdy4-_ATAB&v=APEucNU0x9JTsZxuWRD7EiAfpTv-B_vGGLpEDpxum5gOxq3CTUM-KFYeh1jj-NGoT5LxD2RmCxlaTcdDXRQ9aLkJs5kOMkCY8OWEsjK5V6chpwYCqbsineg0LoHwg_LSFkCCoop7lWJN0YQ4JQdbH52RywsRZT8pyDP1AZmdAcoqe6LFY5ERGxg
Frame ID: AA1EF24C5412FB82C92C4D1FE952BCA1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNUE6uAfzOkZvfj4CPxLR64ktZ0ildx4paux5bE9N6RGm3UAgI1QTS6oVJmXhmqbOwYIdiTYl6OtAW1rWOquBrYGzXrAHix3lhmDS0KlWsw1JIG0zsgyd8TjQVG-_3X_GP_ceiTEQESoZSob4OcY0CCvTV__BwyIllks1zhE8H8wqH9fNeI
Frame ID: C553FB0AB451AB74FA34D0353C7C6FF6
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSRWcmfOIaw-5Cllvymrhbo5AzGZJK7p8UCSvI4YQ0KLiPVda7VVk4iHkiqlNuod5DHo5PK6radU8837Fo6ZDkXMl13nlsu9cLgZnOVrioiDtuYzlf7FmdiYu6Poj974CvcCO9MlxmcvBNcvtXSDbk65MGyufLGaeEZa5fxdMn7REPPvVxU_ID6pVXeElv3PHI4rM7H-7bpUOb6vvcWZvesuzPZYtV2W3WJHygvmKFYjfJdvV-1mC9eDgZPldyWFB36gHi6shMwuOUd_YC8o37ofMMEp1aV_CsrWH9iq0kKAHxMo3l9AkRbiyMNAfwqtmqw-BQUNpha4pqfBszt9wuruRdo3Iuoc6A2F8elNAjo0WV&sai=AMfl-YTTABZmzTK9gNml8XuWZtGUe1_IQEDY4q9IV0YYMEzpLK6asD3ulkr5GAUgt-6Is8wr_cLMzFDvK5Od2-6AAViPM2q1XqdMuWQFlw7FDhp7CXeOSIQgDJ7sc5OUZPmqVKaZHw&sig=Cg0ArKJSzOsIsZFYbLnMEAE&uach_m=[UACH]&adurl=
Frame ID: 5BE7F29CA1B70FB5E3B5E6E0060600B0
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247
Frame ID: BD64ED96853220CBDE3AA8DDF379572E
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Frame ID: 4936DF8A57F268DE24C24EEE00BB00D9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 86227F9F270A0F5BCF24D905B8B1E242
Requests: 3 HTTP requests in this frame

Frame: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FE78637E263A5B98F597C1A7F8139A3A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B3DE7B5FD5AB41AC1097EEA0BF8F157
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 289B092B95C66E920A5900912DEB4F2E
Requests: 3 HTTP requests in this frame

Frame: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A666026087CD464D1988E0D3D7785676
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNXrPV4GIyedPvz_j-GywNNC24BNiZeU5qgJXAEGc4UejYgs7JGJdttXC5cccGa-CIfVlLbS_fiwcO9VSzcs8DS0QLj4RQq3VwWzxZG_ED1WDljX7CjR8X8XqXE8YxVSgp2vjYxN2SCS3IPhRcniOFjy2HI4P0knh_pH1nrzSZOlJ6mh0DY
Frame ID: E93510CA67214D14D204207E3C0EC913
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Frame ID: A0955C6329A595FB53BD14F7DD0E4621
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
Frame ID: 8FEB538EF75AAEBC769BB236EDB57748
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28904BA620459667EDE94D2FF0BFE42D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABF80F9B2DA3552794417554856B9B80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1713EFC0BD440080734159C097C00A85
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - WPGX-Fox28 - WPGX - Fox28Arrow LeftArrow Right

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

255
Requests

95 %
HTTPS

76 %
IPv6

24
Domains

42
Subdomains

34
IPs

5
Countries

7140 kB
Transfer

17106 kB
Size

17
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FOX28WPGX/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/explore/locations/140037995/fox28-wpgx/

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/THE-PANTERA-EXPERIENCE-A-TRIBUTE-TO-PANTERA/10819290/2022-10-28T20
Title: Fri, Oct 28 @8:00pm SponsoredThe Pantera Experience - A Tribute to PanteraClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/THE-VELCRO-PYGMIES/10822328/2022-11-10T20
Title: Thu, Nov 10 @8:00pm SponsoredThe Velcro PygmiesClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/NIGHTRAIN-THE-GUNS-N-ROSES-EXPERIENCE/10829564/2022-11-11T20
Title: Fri, Nov 11 @8:00pm SponsoredNIGHTRAIN - The Guns N' Roses ExperienceClub LA Destin, FL48.7 mi

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/KIDS-CRAFT-TOUR/10653040/2022-10-25T18
Title: Tue, Oct 25 @6:00pmKids Craft TourOakland Terrace Park Playground

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/NORTH-BAY-FOOD-PARTY/10794436/2022-10-25T17
Title: Tue, Oct 25 @5:30pmNorth Bay Food PartyGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/WEEKLY-501-DART-TOURNAMENT/9765993/2022-10-26T19
Title: Wed, Oct 26 @7:00pmWeekly 501 Dart TournamentLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/EARLY-EDUCATION-CARE-PARENTS-SOCIAL-PROGRAM/10653042/2022-10-26T09
Title: Wed, Oct 26 @9:00amEarly Education & Care Parent's Social ProgramOakland Terrace Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/ASYLUM-POSTERS-BY-ERIN-WRIGHT/10914059/2022-10-26T10
Title: Wed, Oct 26 @10:00amAsylum - Posters by Erin WrightGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/ST-ANDREW-HISTORIC-WALKING-TOURS/11001987/2022-10-26T14
Title: Wed, Oct 26 @2:30pmST. ANDREW HISTORIC WALKING TOURSPANAMA CITY PUBLISHING MUSEUM

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/TROY-UNIVERSITY-VIRTUAL-WORLDWIDE-OPEN-HOUSE/11002233/2022-10-26T00
Title: Wed, Oct 26 @12:00amTroy University Virtual Worldwide Open HouseTroy University

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SUDDUTH-PARK-RIBBON-CUTTING-CEREMONY/11037893/2022-10-26T09
Title: Wed, Oct 26 @9:00amSudduth Park Ribbon Cutting CeremonySudduth Ball Field

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/PAINT-NIGHT-850-AT-SMASHED-WINE-BAR/11048228/2022-10-26T18
Title: Wed, Oct 26 @6:00pmPaint Night 850 at Smashed Wine BarSmashed Wine Bar

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/FREE-CLASS-LINE-DANCING/10954835/2022-10-27T18
Title: Thu, Oct 27 @6:30pmFree Class: Line DancingDaffin Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SENIOR-SIP-PAINT/11037901/2022-10-27T10
Title: Thu, Oct 27 @10:00amSenior Sip & PaintOakland Terrace Clubhouse

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SEXUAL-ASSAULT-AWARENESS/10794434/2022-10-27T12
Title: Thu, Oct 27 @12:30pmSexual Assault AwarenessGulf Coast State College

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/KARAOKE-WITH-DJ-NATALIE/10373268/2022-10-28T21
Title: Fri, Oct 28 @9:00pmKaraoke with DJ NatalieLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/HOUSE-OF-TERROR-3-HALLOWEEN-HAUNT-NIGHT/10908375/2022-10-28T00
Title: Fri, Oct 28 House of Terror 3 - Halloween Haunt NightPanama City Beach, FL

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/FAMILY-MOVIE-NIGHT/10743106/2022-10-28T19
Title: Fri, Oct 28 @7:00pmFamily Movie NightMcKenzie Park

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/TODD-HERENDEEN-TRIBUTE-TO-THE-LEGENDS-SHOW/10214922/2022-10-29T17
Title: Sat, Oct 29 @5:30pmTodd Herendeen Tribute to the Legends ShowTodd Herendeen Theatre

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/STICKY-TEA/10032512/2022-10-29T18
Title: Sat, Oct 29 @6:00pmSticky TeaPapa Joes

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/SUNDAY-POOL-TOURNAMENT/10203554/2022-10-30T16
Title: Sun, Oct 30 @4:00pmSunday Pool TournamentLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/THAI-TASTE-FOOD-TRUCK/10528767/2022-10-30T13
Title: Sun, Oct 30 @1:00pmThai taste food truckLookout Lounge & Package

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/#!/details/GUIDED-NATURE-HIKE/10700248/2022-11-03T10
Title: Thu, Nov 03 @10:00amGuided Nature HikeCamp Helen State Park

Search URL Search Domain Scan URL

URL: https://wpgxfox28.com/Calendar/
Title: See All Events

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/wpgx
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://www.grittv.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/f4b156ea-c928-f9a6-ba22-df643d46b5e0/f87646e8-978d-4c35-86b4-bd31e4ee10ca.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WPGX
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.franklymedia.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iF.YQybYAN1Vcka0gFQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1

Request Chain 120

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iF.YQybYAN1Vcka0gFQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

Request Chain 184

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_m_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1

Request Chain 204

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iF.YQybYAN1Vcka0gFQwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBgTRcYISJ6mD8hq11n5_jg&google_cver=1

Request Chain 206

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

255 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wpgxfox28.com/ 1 MB
135 KB 296ms
165ms Document
text/html 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3258fae4dee842bd067d34dc9a7b166e5451fb21139b3920fc0df351350c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=120
cf-cache-status: HIT
cf-ray: 75ff3ce66a5d9c10-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 00:57:26 GMT
expires: Wed, 26 Oct 2022 00:59:26 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-response-time: 338ms
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 131ms
46ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 10962124
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff3ce82f1f92b7-FRA
cdn-requestpullsuccess: True

GET
H2 200 app-880153a8c78c9ac87b50.css
ngw-static.franklyinc.com/assets/10763/ 306 KB
49 KB 169ms
54ms Stylesheet
text/css 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 572A5GENXQFR4J4N
age: 2316
etag: W/"e58a5be0290fe66e326bf427d75c83fe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff3ce858af9219-FRA
x-amz-id-2: HrhZdW0xvFnyvhu6q1GyiCPuk15P5ZaNDq8XVFTmM5YyZMvd9hmgt3UAim6/2tkvz8w3xVwI/hw=
expires: Thu, 26 Oct 2023 00:57:27 GMT

GET
H2 200 custom-global-breaking-template.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 6 KB
2 KB 162ms
47ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 13:40:44 GMT
server: cloudflare
x-amz-request-id: 4PRKD2KRDC45M7R2
age: 44
etag: W/"4b357b45b8d5b6f57aefc58b78723684"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff3ce85e44913c-FRA
x-amz-id-2: XUxX7mfJIzaym+hW1DIFoiBqQ3n7kWIDW6t7YSN68jbrfYWyVpcTKACPoX2snBUwUkmvfEJD+lk=
expires: Wed, 26 Oct 2022 01:02:27 GMT

GET
H2 200 logo.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 3 KB
1 KB 263ms
149ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 19:27:28 GMT
server: cloudflare
x-amz-request-id: 6CG8YAW8Z3RGTRPH
etag: W/"498e7c8c50bbb38d5b281f7ad6edd08c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff3ce85e45913c-FRA
x-amz-id-2: ne+NamAKtiWfPNjsf0ocBPAhr0crVTmvlJ/yA8d4qa1JWj7hUglTr0SrxCUf1v3gy85KNZxpOHY=
expires: Wed, 26 Oct 2022 01:02:27 GMT

GET
H2 403 Derrick.css
ftpcontent6.worldnow.com/wrde/ 0
0 148ms
45ms Stylesheet
text/html 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 wrde_ngw.css
ftpcontent.worldnow.com/professionalservices/clients/wrde/ 5 KB
2 KB 166ms
52ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jul 2020 14:00:46 GMT
server: cloudflare
x-amz-request-id: 20GX1W25DSAXWHVW
age: 44
etag: W/"8d5d25c637f71dec04c5a416682b6a1a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff3ce85e47913c-FRA
x-amz-id-2: TMe3azvAi0miq/k9lWxz3bydyMFHsmlQQNz3HOXpMVUAwMUE6pfy3n4yoY3fPCA/QA/MUj0qdTg=
expires: Wed, 26 Oct 2022 01:02:27 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 133ms
39ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1666745847.dop204.fr8.t,1666745847.cds273.fr8.hn,1666745847.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 127ms
43ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 23642112
cdn-cachedat: 2021-06-02 08:01:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8ff74073ea4785eb8286bc82811c608d
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 75ff3ce82f2092b7-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 13 KB
5 KB 120ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 5374496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4430
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-349a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff3cea98779966-FRA
expires: Mon, 16 Oct 2023 00:57:27 GMT

GET
H2 200 WNVideo.js Show response
wpgx.images.worldnow.com/interface/js/ 2 KB
1 KB 163ms
57ms Script
application/javascript 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607fb035cd784740222458bcb31a47cdc7a2031cd8029d7c827d34ca92cc45c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jan 2020 11:52:00 GMT
server: cloudflare
age: 7002
x-amz-request-id: WRM32EQHN9TJGQ7M
etag: W/"de080488d59236a814a1bdb6ac4fa03e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff3ce84f5c927a-FRA
x-amz-id-2: EvIPVz3OM+4XPtk0e30xA47g+WshAmQakM1X4A9kGMC4d6p5Px4RGnHt0864aVZvQpX1j/uTqn8=
expires: Wed, 26 Oct 2022 04:57:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 148ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L9W7PFFC9X

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efa15e6d834cf5624f598a7d729c9ab85c36795ae2da297ce3f17db150ac9e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 00:57:27 GMT

GET
H2 200 19479465_G.png
wpgx.images.worldnow.com/images/ 302 B
738 B 151ms
151ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479465_G.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 302
cf-resized: internal=ok/h q=0 n=6 c=1 v=2022.9.7 l=302
last-modified: Tue, 09 Jun 2020 17:04:02 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfudRiID9HZPpqAadNHuqGmA:914cc4da7fcd377c33ea25b5d22256d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3ced7c0d927a-FRA

GET
H2 200 19479460_G.jpeg
wpgx.images.worldnow.com/images/ 11 KB
11 KB 159ms
159ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479460_G.jpeg

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11269
cf-resized: internal=ok/h q=0 n=6 c=0+19 v=2022.10.3 l=11269
last-modified: Tue, 09 Jun 2020 17:58:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf7tgFhPuSNiUXYpyHvrpWpw:e94adaf046579cda47b24541deb31cbe"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cee2ca4927a-FRA

GET
H2 200 19479467_G.png
wpgx.images.worldnow.com/images/ 6 KB
6 KB 161ms
159ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479467_G.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5742
cf-resized: internal=ok/h q=0 n=15 c=0+8 v=2022.10.3 l=5742
last-modified: Tue, 09 Jun 2020 17:12:34 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfWVhWyVmVBPe5A455fSQTtQ:ede722c2a1893f8f3917828a7cbcd94a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cee8cfc927a-FRA

GET
H2 200 email-decode.min.js Show response
www.wpgxfox28.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 51ms
50ms Script
application/javascript 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75ff3ce8cce19c10-FRA
expires: Fri, 28 Oct 2022 00:57:27 GMT

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 159ms
41ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 521186
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/4CB9)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 89709640-201e-0011-2b18-e462b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 app-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 4 MB
1 MB 58ms
58ms Script
application/javascript 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: NPNVAF57W19CE3VX
age: 2316
etag: W/"44626e575a5558bfc9f91d067b4272e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff3ce9198f9219-FRA
x-amz-id-2: GPmy52xBLNc09P/6QbqKKS2mRr6A2rcouTt7G1KG3JA7JA1+8M/8Nc3Y75GNljI3puO9JxKi+i4=
expires: Thu, 26 Oct 2023 00:57:27 GMT

GET
H2 200 ccpa.js Show response
ftpcontent.worldnow.com/professionalservices/globalcss/ 1 KB
737 B 48ms
48ms Script
application/javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 18:52:15 GMT
server: cloudflare
x-amz-request-id: 2XMHPSMXS0PP7X9N
age: 11
etag: W/"0ee412381eea4aba59e8a80ef1b33cb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75ff3ce94f1e913c-FRA
x-amz-id-2: /cI1fFpx/yFAwa7eZo2eFqdFyTHRopv7GgL5MScxNaol4/DwftTB5KSwyK0anr262GLNv7jVicY=
expires: Wed, 26 Oct 2022 01:02:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ftpcontent.worldnow.com
URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ftpcontent.worldnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 23:43:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 00:57:27 GMT

GET
H2 200 off-platform.min.css
content.worldnow.com/global/css/_pub/ 89 KB
27 KB 162ms
51ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM02
server: cloudflare
age: 42556
etag: "0297a4baad2d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff3ceade9690ee-FRA
content-length: 27881
expires: Wed, 26 Oct 2022 04:57:27 GMT

GET
H2 200 wpgx.config.js Show response
content.worldnow.com/global/js/_pub/ 12 KB
4 KB 635ms
524ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 16:12:54 GMT
wn: IISCOM01
server: cloudflare
age: 42556
etag: W/"0c7fc894caad71:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff3ceade9890ee-FRA
expires: Wed, 26 Oct 2022 04:57:27 GMT

GET
H2 200 wnaffiliateconfig.js Show response
wpgx.images.worldnow.com/interface/js/ 39 KB
7 KB 56ms
54ms Script
application/x-javascript 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wpgx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784cf734171b1a5c9adb298caeeaf3a4f254e6811a9ee3d52489604e4c8e9222

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 14:36:50 GMT
server: cloudflare
age: 7002
x-amz-request-id: R45SHDFPFSE5APQ8
etag: W/"f9ddd498d435ef391a37dc11d1773590"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff3cea393d927a-FRA
x-amz-id-2: 1gx+PcEOezSpX+vuwi37lbZFjUyMM9lSRb+KqIvzMAaqVLozlZRopa7931JClmGJrUmXXGMZi5c=
expires: Wed, 26 Oct 2022 04:57:27 GMT

GET
H2 200 off-platform.min.js Show response
content.worldnow.com/global/js/_pub/ 2 MB
472 KB 175ms
65ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Requested by: Host: wpgx.images.worldnow.com
URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 00:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM01
server: cloudflare
age: 42556
etag: W/"0297a4baad2d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff3ceade9990ee-FRA
expires: Wed, 26 Oct 2022 04:57:27 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 54ms
46ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 00:57:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

640df844e66ad8f2c4d75663b116f8215e878ac03e6be793dac3354126178377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53808
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 00:57:28 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10763/ 75 KB
76 KB 290ms
211ms Font
font/woff2 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/2iO5YNY.woff2
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 3GXW8ZQ0HCX2HK2S
content-length: 77160
x-amz-id-2: +jVrh9aSLCHmom4KfWNG34zPkvqUfJO6MQpyNb2jId5yBsKNS98v4gk70EuB0w2IMklCfjwYK+M=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3cef0d9068ec-FRA
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 135ms
46ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 115956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 124ms
37ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 14010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 130ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L9W7PFFC9X&gtm=2oeao0&_p=868040230&cid=414358824.1666745848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666745848&sct=1&seg=0&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dt=WPGX%20-%20Fox28&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L9W7PFFC9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3A8MZF4.png
ngw-static.franklyinc.com/assets/10763/ 145 B
396 B 158ms
156ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3A8MZF4.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
x-amz-request-id: 8XZ5YTHRWXKNDSE2
etag: "3a5fb08143e931aded1e59fa39c3d8ca"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3ceecf229219-FRA
content-length: 145
x-amz-id-2: 76fZ+/j8Agn6OrH87i8JpEb9oinv4f+5qr4frKr7Hk4qZnJUscdNuhi76OuAk47bN9z/4Mc1ff8=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 3sX1XaI.png
ngw-static.franklyinc.com/assets/10763/ 302 B
472 B 159ms
157ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3sX1XaI.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: WG6XQYE6RSV04GDA
etag: "21eed4c20a1e748a1637cf53696520c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3ceecf259219-FRA
content-length: 302
x-amz-id-2: Y+oowV0pZeOgXsyu5xjsQMs/ZIk2RHl6k5hr9APX2ByPGt72xZkBQPGgBNFh/o4WBgUZnDTkGmM=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 4-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 145 B
313 B 166ms
165ms Script
application/javascript 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/4-a708c222c663fd6ca8a3.js
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 2X6WG17SSX6D2GMY
etag: W/"c0729cee8a75fb948963d73ab873a79b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff3cefa8189219-FRA
x-amz-id-2: cv8YcQUVQ4w5EHXKYtIucydRREmd2zr1XZwp9IDhl9kI+WFKiJFdHB/94OVYt6h2yV2SAk1dyb0=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 162ms
46ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b613f403ca62b0729393cfd263745974a7fa73bafbda405040fde013fc328656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27323
x-xss-protection: 0
server: sffe
etag: "1374 / 531 of 1000 / last-modified: 1666735637"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 00:57:28 GMT

GET
H2 200 videojs.ima.1.5.1-3.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 85 KB
17 KB 148ms
148ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: 3BQKNHY0FZPGEWC5
etag: W/"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff3cf03ecd913c-FRA
x-amz-id-2: 2xmw7PNaPH+9A0Twms3LWFkTq24yfvp5jaw9Y8Pv7N4fwJWUY8hP8fQA2jpZsyudPOhjZkmw9QU=
expires: Wed, 26 Oct 2022 01:02:28 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 47 KB
14 KB 589ms
192ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9921&callback=jsonp1666746047789
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 915da5b2f0f11472fc284d35eac066568eebb34f9694c5b6ea1e9d54dea64ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 00:57:27 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
36ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 23:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6930
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 01:01:58 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/routes[0].body[1].cols[1].components[0],/ 56 KB
7 KB 157ms
157ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/routes[0].body[1].cols[1].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a39078ccddc328c92e86ea3e06adcaab13d44000cd011045703ca1a90449943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 6585
x-xss-protection: 1; mode=block
x-response-time: 228ms
server: cloudflare
etag: W/"e171-RVtDBXS9c9O0v59wiyt4lLu9zBU"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff3cf20e849c10-FRA
expires: Wed, 26 Oct 2022 01:00:28 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/ 854 B
566 B 160ms
160ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723a8b16cf027418311ce29c1b50817a2f8b2af0161d50332a730bdd3e1beaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 463
x-xss-protection: 1; mode=block
x-response-time: 116ms
server: cloudflare
etag: W/"356-XgkYzoG2fSPsPjx8Zh89o2i+hnk"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff3cf21e999c10-FRA
expires: Wed, 26 Oct 2022 01:00:28 GMT

GET
H2 200 19469665_G.jpg
wpgx.images.worldnow.com/images/ 10 KB
10 KB 197ms
193ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19469665_G.jpg?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180f707c73f1687a2da87466d7497c011fceaec6bca87a884eb9077e1b63465f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10057
cf-resized: internal=ok/h q=0 n=17 c=2+34 v=2022.10.4 l=10057
last-modified: Fri, 05 Jun 2020 14:05:01 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQZeLdB42AVWBONlySX7VpQ:ac14a8ca3f744097b2c95d8b4513b4d4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf23840927a-FRA

GET
H2 200 19479410_G.png
wpgx.images.worldnow.com/images/ 452 KB
453 KB 158ms
155ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479410_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865d512b0631d33b932cc8a563cb738bcddab918ef1d66057bbbab948e7e33fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 463273
cf-resized: internal=ok/h q=0 n=21 c=161 v=2022.5.3 l=463273
last-modified: Tue, 09 Jun 2020 16:42:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf2B3sDozGfvrPwxk9ZvyS0w:7abf5cdf363221b3d278ec7ee87b4195"
vary: Accept, Accept-Encoding
warning: cf-images 299 "Format 'auto' ignored"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf23842927a-FRA

GET
H2 200 23544118_G.jpg
stacker.images.worldnow.com/images/ 5 KB
5 KB 198ms
173ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23544118_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666638602000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 4757
cf-resized: internal=ok/h q=0 n=13 c=3+14 v=2022.10.4 l=4757
last-modified: Mon, 24 Oct 2022 23:10:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0cukACYdowFpMf7eFJKr2w:cbdc4aa9bf6c123a6f765b53e3b21bf4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf25865927a-FRA

GET
H2 200 23535717_G.png
stacker.images.worldnow.com/images/ 16 KB
16 KB 197ms
172ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23535717_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666366693000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16557
cf-resized: internal=ok/h q=0 n=70 c=36+48 v=2022.10.4 l=16557
last-modified: Fri, 21 Oct 2022 19:38:14 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfSrOfD8OJYofZplFf9qNJog:93fa08b38e1552714c8aceab6fb55489"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf25862927a-FRA

GET
H2 200 23521831_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 5 KB
6 KB 233ms
197ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23521831_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666184022000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5526
cf-resized: internal=ok/h q=0 n=12 c=11+34 v=2022.10.4 l=5526
last-modified: Wed, 19 Oct 2022 16:53:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfon1frnZmrn7l6OAn0CT9bA:168ac186cdf747f0126f0f3cb5ab5c5a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf26874927a-FRA

GET
H2 200 23544648_G.png
cntsyncont.images.worldnow.com/images/ 17 KB
17 KB 196ms
171ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23544648_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666665299000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17435
cf-resized: internal=ok/h q=0 n=9 c=6+23 v=2022.10.4 l=17435
last-modified: Tue, 25 Oct 2022 06:35:01 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfmlSA0QMXQQ-5qNtfkg2BPw:c6d3858b98ebb0ee4ac9425ba2679d78"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf25867927a-FRA

GET
H2 200 23536586_G.jpg
cntsyncont.images.worldnow.com/images/ 5 KB
5 KB 197ms
172ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536586_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398869000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5303
cf-resized: internal=ok/h q=0 n=7 c=5+9 v=2022.10.4 l=5303
last-modified: Sat, 22 Oct 2022 04:34:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2LFFhWyHgJ5snIxwnE3UbA:7ac48e8abecaa038cf18299156ee229f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf25868927a-FRA

GET
H2 200 23523184_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 197ms
172ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523184_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222385000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5835
cf-resized: internal=ok/h q=0 n=7 c=9+17 v=2022.10.4 l=5835
last-modified: Thu, 20 Oct 2022 03:33:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ9BPHPHgNrAsWnWX4LWOng:b2c2c149e547d11af91a460af1bf2d50"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf25869927a-FRA

GET
H2 200 19479532_G.jpg
wpgx.images.worldnow.com/images/ 10 KB
10 KB 196ms
194ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479532_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10183
cf-resized: internal=ok/h q=0 n=5 c=21 v=2022.9.7 l=10183
last-modified: Tue, 09 Jun 2020 17:31:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cflewqR2tbqOQFqX-MrlzVdA:e9d429ee90f3d05de4962461e425af56"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf23843927a-FRA

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 47 KB
14 KB 469ms
192ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9921&callback=jsonp1666746785174
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af786559cb35f6df97b4609c621c4a12104b13b7ac348b23ba90ed59fa168f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 00:57:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 can-autoplay.3.0.0-1.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 8 KB
2 KB 149ms
148ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: FB0H2PH7309S8JR4
etag: W/"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff3cf2391f913c-FRA
x-amz-id-2: B8RpHVnMYWc8iqHCtbEqkYpYcZgBkDfPyfG7UH+4UlUKEVmkU8dk/w2Je5vGn3tsBXtmflG6ZWE=
expires: Wed, 26 Oct 2022 01:02:28 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 116ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 01:12:11 GMT

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 160ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 21:04:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
718 B 172ms
51ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wpgxfox28.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d276300072ba9ba3c91c2af4c51b1035dd957da6f6545a94eaf713b67996b47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 26 Oct 2022 00:57:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 148ms
49ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82494642-223&cid=414358824.1666745848&jid=1796425311&gjid=1782571798&_gid=498489575.1666745849&_u=aChAgUAjAAAAAEACM~&z=518640703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 00:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=868040230&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wpgxfox28.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WPGX-Fox28%20-%20WPGX%20-%20Fox28&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAAAAAACM~&jid=1796425311&gjid=1782571798&cid=414358824.1666745848&tid=UA-82494642-223&_gid=498489575.1666745849&gtm=2wgao0WV2QLD&cg1=Homepage&cg2=null&cg3=null&cg4=wpgx&cd1=Lockwood%20Broadcast%20Group&cd2=GTM-WV2QLD&cd3=59&cd4=&cd5=&cd7=1666745848353&cd8=1666745848353.lc7qojw&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&cd11=1417&cd12=wpgx&cd13=150&cd22=Homepage&cd32=ResponsiveWeb&z=570680787

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 01:26:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29_partlycloudy_night.png
ngw-static.franklyinc.com/assets/static/ 2 KB
2 KB 50ms
49ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/29_partlycloudy_night.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b83e17e6448f888d6fa1c118494b0d85b60e7072f64a340c46a2bb4d9ca8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
x-amz-request-id: B945APMQE56SJMMS
age: 1266
content-length: 1965
x-amz-id-2: SLg9hOZA7SUcwb11AU7IUwj5LO2IQLvawYNeobE8zr3fmKdejWlq+v1fGUlL0PC5sLF+puSIkqI=
last-modified: Tue, 03 Mar 2020 16:10:24 GMT
server: cloudflare
etag: "60f42bc1d3ce24349624b79db059a7e3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf31bb99219-FRA
expires: Wed, 26 Oct 2022 04:57:28 GMT

GET
H2 200 1HxTVSN.png
ngw-static.franklyinc.com/assets/10763/ 262 B
452 B 150ms
149ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/1HxTVSN.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:06 GMT
server: cloudflare
x-amz-request-id: 5H3C42FJ7B67KJ6S
etag: "b3275baf43d3a9e28ba8e1856b5b342e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3cf31bbd9219-FRA
content-length: 262
x-amz-id-2: RAu3cGvazSuqPlERVlGJsvxzzGQXHsGCEyRrSn0nvvqjle0mhNzILekE+LFodM2ETRLVdptTkkw=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 qX7G0Ix.png
ngw-static.franklyinc.com/assets/10763/ 267 B
489 B 158ms
157ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/qX7G0Ix.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: 5H3F5YE4ZMKDFYJX
etag: "7c93283255679646ceb48b0a09e528ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3cf31bbe9219-FRA
content-length: 267
x-amz-id-2: EizK6kXcnV0q4QzB8LAh2R/VU+zlvtWe2LMX3A/bnJ3jwHMopQJFz6g42NqrGGwDD8zA8VNSpiY=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 ENmisP2.png
ngw-static.franklyinc.com/assets/10763/ 262 B
432 B 149ms
148ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/ENmisP2.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 5H37Y6HM7RTNJQ11
etag: "2181a1a027aad6f2c0a77442ffe37662"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3cf31bc09219-FRA
content-length: 262
x-amz-id-2: 3FJXyJR8yD7pZPTsXLUaQRtkdCC+zDGM0DENzIjne3CcFn2EJDGR1zRF+Eoyht3iSP8UJDuuhY8=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 2LRxrU9.png
ngw-static.franklyinc.com/assets/10763/ 267 B
461 B 147ms
146ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/2LRxrU9.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:07 GMT
server: cloudflare
x-amz-request-id: 5H3DKST0ZEGFDZ49
etag: "3539134c74c2fa207b851387b14bf8db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff3cf31bc29219-FRA
content-length: 267
x-amz-id-2: ERELp7EeGCnntwEtGGe7GE2l8WDnn9pxoVa44Ayy38vEKBRZQMVznJkspUHYeHceVAPhZDl3PyQ=
expires: Thu, 26 Oct 2023 00:57:28 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 854 B
531 B 165ms
163ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32401

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723a8b16cf027418311ce29c1b50817a2f8b2af0161d50332a730bdd3e1beaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 463
x-xss-protection: 1; mode=block
x-response-time: 37ms
server: cloudflare
etag: W/"356-XgkYzoG2fSPsPjx8Zh89o2i+hnk"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff3cf32fbd9c10-FRA
expires: Wed, 26 Oct 2022 01:00:28 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 852 B
567 B 170ms
170ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32403

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d9b093cca92a3d624ae2021e387e44dd9115cf551cf6734c73c5f8e14610e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 464
x-xss-protection: 1; mode=block
x-response-time: 568ms
server: cloudflare
etag: W/"354-7DWgdwD0aO3PMWr2nuyWk2K1VpI"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff3cf32fbf9c10-FRA
expires: Wed, 26 Oct 2022 01:00:28 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 157ms
40ms Script
application/javascript 2a02:26f0:3400::1702:d13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1702:d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 162ms
72ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=4346593077601805&vrg=2022102001&nw_id=43459271%5C%2C22675522417&nslots=6&eid=31068458%2C31061690&pub_url=https%3A%2F%2Fwww.wpgxfox28.com%2F&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 129ms
46ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 753 B
435 B 374ms
297ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=967581820577293&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=3685865167&sfv=1-0-38&prev_scp=wnsz%3D124&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745848983&lmt=1666745848&dlt=1666745846935&idt=2012&adxs=1382&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5da9f07549e9bfd18d14ef0c39293ce33d86633988f80f26b17ccf4fa5ed0155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 647ms
570ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=967581820577293&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=3379187505&sfv=1-0-38&prev_scp=wnsz%3D41&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745848989&lmt=1666745848&dlt=1666745846935&idt=2012&adxs=84&adys=175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1432x0&msz=1432x0&fws=0&ohw=0&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bd5f7a7059a3f3d3d0cfd6a985f72ffac27e909a58a5e892f3d5074375b1b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8206
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
37 KB 1531ms
1454ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=967581820577293&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&adks=3909097108&sfv=1-0-38&prev_scp=wnsz%3D246&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745848991&lmt=1666745848&dlt=1666745846935&idt=2012&adxs=84&adys=876&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1072x20&msz=1072x0&fws=0&ohw=0&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5577a35df0b0c1e8cd1de5d1eeec282274de93d00885381ad7220215a9b9015e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37451
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 1359ms
1282ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=967581820577293&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=1302924173&sfv=1-0-38&prev_scp=wnsz%3D43&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745848995&lmt=1666745848&dlt=1666745846935&idt=2012&adxs=1164&adys=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f768e9797e689aea399df681a52a5a9a4538ddcba9b46007b4e5e7c6b6a22f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10649
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 978ms
902ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=967581820577293&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C300x250&ifi=5&adks=578825613&sfv=1-0-38&prev_scp=wnsz%3D52&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745848997&lmt=1666745848&dlt=1666745846935&idt=2012&adxs=1164&adys=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d6379f7feb5dbbc12c0e5c31640b6c3ab156cd333fb5dae0163e5deaeb9dc1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13093
x-xss-protection: 0
google-lineitem-id: 6084843041
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400723568
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
360 B 1707ms
1631ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=967581820577293&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cloc-desktop%2Cwpgx%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&adks=2761786973&sfv=1-0-38&prev_scp=wnsz%3D346&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745849000&lmt=1666745849&dlt=1666745846935&idt=2012&adxs=84&adys=2176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=1072x0&msz=1072x0&fws=0&ohw=0&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffd2548a51d91757c87731d2e2ac256b9bd31da24f985228af6b8318b36d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE3E 6 KB
4 KB 191ms
45ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Thu, 26 Oct 2023 00:57:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 19733943_G.jpg
wpgx.images.worldnow.com/images/ 7 KB
8 KB 169ms
167ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19733943_G.jpg?auto=webp&disable=upscale&width=180

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99171489f4050fea6a4c2440c9d0337f8ae8b2bedb7116587687621d85d7261

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7429
cf-resized: internal=ok/h q=0 n=8 c=0+7 v=2022.10.4 l=7429
last-modified: Fri, 17 Jul 2020 13:21:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfmYfVqSzcBOhU94WJ1kJq2Q:c686b109d4ccfcc5ff29e506b8c7be00"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb04927a-FRA

GET
H2 200 23538527_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 223ms
221ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538527_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492378000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7925
cf-resized: internal=ok/r q=0 n=49 c=4+16 v=2022.10.4 l=7925
last-modified: Sun, 23 Oct 2022 06:32:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ_UGDutcYHj9sD2OctrBFQ:3735f9c74f0aa70c7cc6eecd73299060"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb09927a-FRA

GET
H2 200 23536579_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 161ms
159ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536579_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398803000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8261
cf-resized: internal=ok/h q=0 n=7 c=17+16 v=2022.10.4 l=8261
last-modified: Sat, 22 Oct 2022 04:33:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1ABno7LG6Qr_JeP26kPOFw:7a1752c7bd1d57fe09ae93db6b958529"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb0b927a-FRA

GET
H2 200 23522285_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 154ms
153ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522285_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666195627000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16690
cf-resized: internal=ok/h q=0 n=27 c=7+42 v=2022.10.4 l=16690
last-modified: Wed, 19 Oct 2022 20:07:09 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfqnnKfSXPbaZ3ZNp7zJULGA:10c7a9722e59986b3c276aaf52070a55"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb0c927a-FRA

GET
H2 200 23538179_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 3 KB
3 KB 147ms
146ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23538179_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666483844000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2982
cf-resized: internal=ok/h q=0 n=5 c=0+5 v=2022.10.4 l=2982
last-modified: Sun, 23 Oct 2022 04:10:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4R9LQ5AS8QKZciMw8KCd5g:debdd5a5a82a34479fa2e0bc61fa293a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb0d927a-FRA

GET
H2 200 23542395_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
7 KB 150ms
149ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23542395_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666607710000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6643
cf-resized: internal=ok/h q=0 n=14 c=8+33 v=2022.10.4 l=6643
last-modified: Mon, 24 Oct 2022 14:35:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfEknHVv2yFvHvZ81xMXuaHg:81c46f16217054073f3a98e771975693"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb0e927a-FRA

GET
H2 200 23499493_G.jpg
cntsyncont.images.worldnow.com/images/ 9 KB
9 KB 161ms
160ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23499493_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665797531000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9362
cf-resized: internal=ok/h q=1 n=12 c=8+14 v=2022.10.4 l=9362
last-modified: Sat, 15 Oct 2022 05:32:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfprW84uaruG_N6C6EyJ11_A:cdaf8cf9639796b81112c0342c38b503"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb0f927a-FRA

GET
H2 200 23498073_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 148ms
147ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23498073_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665747135000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7340
cf-resized: internal=ok/h q=0 n=32 c=17+22 v=2022.10.4 l=7340
last-modified: Fri, 14 Oct 2022 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSoNXPw48_6-id_E4wAAVAg:1e1f8085f5e6f7827db91f1eaa0453f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf4eb10927a-FRA

GET
H2 200 23485935_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 166ms
165ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23485935_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665624698000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8024
cf-resized: internal=ok/r q=0 n=17 c=19+22 v=2022.10.3 l=8024
last-modified: Thu, 13 Oct 2022 05:31:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkJbhmwlGYa8rFfywoAQS3A:d4a1bf597d0d1fc965c42753151f335c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf52b5b927a-FRA

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
938 B 85ms
45ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3129305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff3cf56a869a17-FRA
expires: Mon, 16 Oct 2023 00:57:29 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 124ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 23:39:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 00:57:29 GMT

GET
H/1.1 200
OK CKs1Ze673kaCA84Zzv-_WA.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 209 KB
210 KB 787ms
190ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/CKs1Ze673kaCA84Zzv-_WA.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 57a62640952523260df08a98c8d7f794e2e9cb17d6d81f4a10cf3958237b628e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Fri, 02 Sep 2022 07:12:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: i8csDHyRslEC5Umo4ZED7Q==
ETag: 0x8DA8CB27070DBC5
Content-Type: application/octet-stream
x-ms-request-id: 34f29118-f01e-0062-69d5-e8ff96000000
x-ms-version: 2009-09-19
Content-Length: 214406

GET
H/1.1 200
OK _YfKGuHIKkiwkdb2sw6AqQ.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 305 KB
306 KB 862ms
261ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/_YfKGuHIKkiwkdb2sw6AqQ.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a0bdc9652a3f823098b617c27d451d7ac0653b09fe03b6da9fbf893594a9d0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Sat, 03 Sep 2022 02:52:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: OXqqPy+3v2pj+PZcP51rkg==
ETag: 0x8DA8D5749F2E2C7
Content-Type: application/octet-stream
x-ms-request-id: e64941cc-e01e-0051-45d5-e8a03d000000
x-ms-version: 2009-09-19
Content-Length: 312751

GET
H/1.1 200
OK Hotn_cDH4E22YaA4Rj5Yfw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 312 KB
312 KB 784ms
200ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/Hotn_cDH4E22YaA4Rj5Yfw.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9269e1d00da11f333cedf8d2a21a22c6475e377ae0bb2f03d99b94a2e1cded2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Mon, 05 Sep 2022 22:27:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uMduQJ8tYHVhkT9z6oo62A==
ETag: 0x8DA8F8DD6BA05C5
Content-Type: application/octet-stream
x-ms-request-id: 926a02da-901e-0080-1fd5-e8c2b7000000
x-ms-version: 2009-09-19
Content-Length: 319428

GET
H/1.1 200
OK 1efa76c5-14c5-401b-95ee-47289b0c66b6.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 26 KB
27 KB 774ms
189ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1efa76c5-14c5-401b-95ee-47289b0c66b6.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa07d80aec8be3bb2ab5e5872b20e5cb3d480c890e05546c57d2d48042977d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Tue, 09 Dec 2014 04:15:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: atyYYxf/sQyR2QVl65rvUg==
ETag: 0x8D1E17DEC7DC56F
Content-Type: image/png
x-ms-request-id: aa585e04-601e-003d-80d5-e84baa000000
x-ms-version: 2009-09-19
Content-Length: 27011

GET
H/1.1 200
OK ef6bb37e-4ae8-4cf5-a1c6-0c22f722a472.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 790ms
195ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ef6bb37e-4ae8-4cf5-a1c6-0c22f722a472.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c31a7b0990af81a279b26ca80b9c39f73e1ade39f7fd9117950b1d558e52e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:28 GMT
Last-Modified: Fri, 03 Apr 2015 05:38:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rtZXUYNiaxrCEFeBW1DXWw==
ETag: 0x8D23BE79DFFD983
Content-Type: image/png
x-ms-request-id: 2fc4d034-901e-0074-4ed5-e80941000000
x-ms-version: 2009-09-19
Content-Length: 31188

GET
H/1.1 200
OK d184b3a3-2a3e-49fd-af9d-6db083e5f410.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 65 KB
65 KB 791ms
195ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d184b3a3-2a3e-49fd-af9d-6db083e5f410.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4156f57c3080b420ebef3ed8d5919f91359e998ee9a1aeadce9aa5f3f53a5d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Sun, 22 Mar 2015 07:11:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ymM9dXB/2ls4uWGdleukDw==
ETag: 0x8D232869C670564
Content-Type: image/png
x-ms-request-id: 573debd6-001e-002b-6ad5-e8bd7d000000
x-ms-version: 2009-09-19
Content-Length: 66309

GET
H/1.1 200
OK 03a52b11-7bc8-4e56-8e11-db9f8b53297a.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 19 KB
19 KB 190ms
190ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/03a52b11-7bc8-4e56-8e11-db9f8b53297a.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c2c16cae7de7a79ac3a5404b76dabb5ba25708562ce7767a6113f08d17c70f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Tue, 23 Oct 2018 05:43:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EJR7a59P0jco4ERkSEgdEw==
ETag: 0x8D638AA79B3BF4A
Content-Type: application/octet-stream
x-ms-request-id: aa585e9c-601e-003d-0ad5-e84baa000000
x-ms-version: 2009-09-19
Content-Length: 19350

GET
H/1.1 200
OK bY236gUZxkmixor8zhKIug.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 30 KB
31 KB 194ms
194ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bY236gUZxkmixor8zhKIug.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0adda642d06c3b2804a96604c9edef761749138422b773baddb31afbe7ce4d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Tue, 11 Oct 2022 19:05:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: kpESG9ebQVObO2u0Y7MUmw==
ETag: 0x8DAABBB95B3E256
Content-Type: application/octet-stream
x-ms-request-id: 2fc4d173-901e-0074-7cd5-e80941000000
x-ms-version: 2009-09-19
Content-Length: 31089

GET
H/1.1 200
OK 1Yja2ooc4UOhjTq7uHSEJw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 50 KB
51 KB 193ms
193ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1Yja2ooc4UOhjTq7uHSEJw.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 48918968dd9a4892fb71a9f6fd0d25826f727dd379406cf755174e30cd13d81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:30 GMT
Last-Modified: Sun, 23 Oct 2022 14:34:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 88U7r0K6ACnM72rQGiax3g==
ETag: 0x8DAB503C0E94A08
Content-Type: application/octet-stream
x-ms-request-id: aa585ee9-601e-003d-50d5-e84baa000000
x-ms-version: 2009-09-19
Content-Length: 51568

GET
H/1.1 200
OK NA8dTSpbhEOJ1JkszAKXnw.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 44 KB
45 KB 196ms
195ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/NA8dTSpbhEOJ1JkszAKXnw.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d860e91242b6b2dbc46a04b545ddbcc4a53a01d7343dcb9d011bf8853a441a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:30 GMT
Last-Modified: Thu, 22 Sep 2022 07:21:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uJsFjNZRq5/pUE4wNsKSfw==
ETag: 0x8DA9C6B12B39EC1
Content-Type: application/octet-stream
x-ms-request-id: 573dee14-001e-002b-7ad5-e8bd7d000000
x-ms-version: 2009-09-19
Content-Length: 45522

GET
H/1.1 200
OK 2pnBOQJvBEe2oB55pRCyRA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 40 KB
41 KB 194ms
193ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2pnBOQJvBEe2oB55pRCyRA.medium.jpg
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 199e5795b09dda994fd37e7c1c711a4385628fceb25dfbaebc19d0d587e80040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:29 GMT
Last-Modified: Wed, 20 Apr 2022 09:16:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: XhZAjb7ZUf6bKcguKdbK7Q==
ETag: 0x8DA22AE730EED66
Content-Type: application/octet-stream
x-ms-request-id: 2fc4d228-901e-0074-29d5-e80941000000
x-ms-version: 2009-09-19
Content-Length: 41447

GET
H/1.1 200
OK 7567e009-f61f-4e1c-8c34-242486fea66f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 41 KB
41 KB 241ms
240ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7567e009-f61f-4e1c-8c34-242486fea66f.medium.png
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98818d35d4c98fa17afc5b59d080fefa902ea8c8ca10601591eca13b65f6c2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:30 GMT
Last-Modified: Thu, 06 Sep 2018 10:40:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: To0fuhJLweIrSpXMhl/zoQ==
ETag: 0x8D613E52A15A6F8
Content-Type: image/png
x-ms-request-id: 34f29339-f01e-0062-5dd5-e8ff96000000
x-ms-version: 2009-09-19
Content-Length: 41756

GET
H/1.1 200
OK a3723c61-266e-4cf4-9883-4fa777a6455d.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 32 KB
32 KB 190ms
190ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/a3723c61-266e-4cf4-9883-4fa777a6455d.medium.PNG
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6a644bae263fe0b6f0db2237db0dd4341f43b107e3ea4b99d1f0b1f615267cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 00:57:30 GMT
Last-Modified: Sat, 01 Dec 2018 06:53:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZdupdJtvRt7oZncVZtHUYQ==
ETag: 0x8D65759BA579F00
Content-Type: image/png
x-ms-request-id: aa585f34-601e-003d-17d5-e84baa000000
x-ms-version: 2009-09-19
Content-Length: 32468

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wpgxfox28.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 321ms
321ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346593077601805&correlator=718047392266411&eid=31068458%2C31061690&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22675522417%2Cnat-external%2Ceviesays%2Cfrankly%2Cwpgx&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=7&adks=589688313&sfv=1-0-38&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wpgxfox28.com&sc=1&cookie_enabled=1&abxe=1&dt=1666745849196&lmt=1666745849&dlt=1666745846935&idt=2012&adxs=1190&adys=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wpgxfox28.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=414358824.1666745848&ga_sid=1666745849&ga_hid=868040230&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97d7da45c22f28dcd7603dfaadd0fec6a24f7a82c69555f3d1de086593f4c5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wpgxfox28.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 114ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wpgxfox28.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 108425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:24 GMT

GET
H2 200 23477333_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 147ms
146ms Image
image/jpeg 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477333_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509457000

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6885
cf-resized: internal=ok/h q=0 n=31 c=9+13 v=2022.10.3 l=6885
last-modified: Tue, 11 Oct 2022 21:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfsBOyQENXpj7YsNb7nr2T6Q:055cf492e00f3b5a5ef8e21cee83618d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3cf6ccf2927a-FRA

GET
H3 200 container.html Show response
5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B8BA 6 KB
3 KB 113ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Thu, 26 Oct 2023 00:57:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C841 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Thu, 26 Oct 2023 00:57:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AA1E 624 B
559 B 137ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjdy4-_ATAB&v=APEucNU0x9JTsZxuWRD7EiAfpTv-B_vGGLpEDpxum5gOxq3CTUM-KFYeh1jj-NGoT5LxD2RmCxlaTcdDXRQ9aLkJs5kOMkCY8OWEsjK5V6chpwYCqbsineg0LoHwg_LSFkCCoop7lWJN0YQ4JQdbH52RywsRZT8pyDP1AZmdAcoqe6LFY5ERGxg

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Wed, 26 Oct 2022 00:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B8BA 80 KB
34 KB 158ms
75ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyAJM5eUkYAwar6UVcYvdX8kI2xndF8L5pKX7mfYjm8bEgtyPWO9cZ8CZdzRT60unjwgwC4iW4xALlmQ1zyRO9l1E__g&cry=1&dbm_d=AKAmf-CX7quYOONjlyrJyyE6CHtwDxxrVnNYf45cN3lf2sFhEQmWxFGe85Slyp9MZC8h32YaY-wVg5oHHea-OOOCDT2oA2PoStcxp-z5rtUiA6Tsin-Rby5jejy-FrzU1Od4SluurcdhBIKOX2lvMUiwto7iUrE3-cdNLbEss0YNxJIrFUT3nFjY5c6h7kLf7Ca5Bik2q4qpiOXGotpch8txEFokLHaf2HlW5DEjkLsaRAk26MyAfgyV_ydaemHul0i8I2VvbrlIBpO0CiS4otdieW2Fl8EpMqAlsC7JyuKXh1AykT0Zck0sCqJwHU1LKHHiL2oyCvmaVKltSazXb7fqLGh0BQzDh1bI3m1nap2ODT3RGO-aqR3cr5NRi515XiO5tComFTS-DzHa9rhlJ-sRS8fGrLl5CnHWWVDNKVe6Cy6J2xHU8nYxVmFiAHFvR2P97ckZZYQYq2n6-anWqxSRp3vfRXeOfxMZaeVn24u6NwwekVxgasqn5z3_EMVm2YgCHEnMQ9F5vmjdihrZL4QKUcyvQfzvyR5yc2k_RSpWqoosMOVljS4UfVxRflSNUG2hyQ3o78cqga5k6zAwJwc9b20GYE90R6hmiYYAhbKhXVYZKpkh_whr0NMZyPerXJyfOjmIpWiBF6zdpjfz4T_JVxRdPAFJca9vs4OIAm3PBrhmvk4GQWnNRTRcrQ9rM8ERbhniNRcgt8S2jQT6HDibn54om54v_XFU6lxrhZ5f71u5sev4egJ6dPMR1ZxPWsw97jSZsNDRHhEpe9LVV4vfjzPx5WZBbKJd3BZQTQU7svMlOzmDf0eOWe9b5sZWlugLahyviZBufZSQ1EF5vRGSUO9wp-z8cs0br_mBuHqTNOIRPys2CYPOBpkXjX7Y4MqokjF7VzTNI9JPO_-geKw2E7kxrx2ifWF6f-jePWvu0ICcOpG5C9aQR7mp3Q_o8jg8Kn4JWQYYnidHZXHY_CIqcX436Y8DFARzUiCABD4EbPLtR6i6n1vIbX1YFCgAFj30uUZxrUvqSMHKvFdl4XRg2HTnZlNde3PPxTOoSKjQNampV6Hyvl_ozPch0QYDUhD5IIolNKqTIE35ti2MXdxD29J6HRRqHVlu8Dyhy1eQDqCCFY8hnSOBgPZYyfNkiaA9eD-zgRVg-iWV2Ur9aCk3oTrEp31pQntsz6OAT1mdDXJG4jdkOpxS6VJEcTxwwxqaYg-c7xD6IPNCdvmuN8q5lCkXxZgMaU-D7lDXLOBC3Bw-QPGdd7a3rEUL8DVGoB1sTekpR1hE4wNewML4LiO3nP6RU8U9pwF6HmA30Z8dMAdleoUHE5iJIHdWqFDa9fkw760mt-mU_OctoKZ64kHvCVaTwfCvApHVtpnaL9ODjoicKdCLqkUnp-n16xizPER-TVed_yGYp-9ckluxyrsPU0DPf0AokzA29495QwYA3haZv1cFJh83qUHyXFuggoX0U3ZWqDmD6HFqv2D--Oymg2lnE7oLvkivNwXSlCwJC0EV2y7yFg94FgRxWL7b7ihWShaYI6gfkUJMCOuFyLsYxaEPozhMDtu3EPJZ0h2QuM1N3dOhzuPcka9aDvcH_3FTX16N2y0qZCfWjeJF5OalY_arUOBChAQzISzKqM2sD4nIRGKBA4WVPuo14_aUbj3H2NBluDLLm-E1o4CW4xTn47QWRXU5DpCU51JoF7bZg8cP1xUFNM4GfxK8aaw1843HzhouAu5hZab0og6SSTN-Q-kQFKYavV_slJUR9gokiWhb1mVojrYN6V_M_BhwMARBDryrZuQSxWTO8ZPUptuM3gTMS0y8UopJong2V6Doq_HhrErIIBBVzabnCYu4xg76IklHwMDUL4QplyKytv7TGfpwaQkXKanCDL9-JwQ0EgNRESNwPMJY-9rFbD7Al47SuaPcVta35EWPQ7Tf6Pzrfx50VdJIkjtEsjRngkgnxerCYxGQ7KugQMw4pEY14KjXVuIeYB8slO-9OQbk-HBNFeFg-M_pYSDsLjPYX0qYiPptugdy1DFrSgXRqhQU7oZVHpKiraVtJAWggvSCIHSzMeeIl3s6ZxSfrlqKr0ZZOPbFlPeEvjBBcaCujEga5BB-tE1KCOMh-AIad13XSNsC-OO7dxzlLkXu8mzRJpek4aD8t8SGTyHFeDkhwQaadpBaRu3TeOpc8LtqfEQrsph_zyrCrdugjIl-mlMAEEl59YEpCujW9X7sjggMcmSHJoBxA8P_hntFT0RdxmaPF_qtiw5NtI2ffMKWxwbbry9FK7yoQHgYaGzik_XfmOiS9LIgREIeefOzUZCGSWa_xAHErMdunZwL_HnP2Aq-s7eROQ7odaH7K0uUlJ65cDayzkcYzepKccgPk9t4pOWJ2hVvIAkKiOoDcR4o_pp-h5OkkN2t2jA8BexzlVX2vjsyEWVId_zufDw6kgDWVZhuIrCvPGF2QPmoyRIr5nfE5SkkTqq0hoEydRxYFryrqEXByN5hWSmtuR9ONDYQ3XeL2DKvy2L-wkG-yhCJ-zIpzlqa3E5fqGoYJBR80dwEfoCAkPDdafGkLYfTSFgyt_NBw5J8TVIn351MPpvRC6pkgL_bdOx2Qh2EoKwscjQXkQLGvfDxK90_Ex6OQa0kYXVmUdVVWvxVwapSO5daaDqBDRhH8fOFAG6avnEWPm6pAp7HXts89FNcWflMYJLIuCbGpJvwt0yKkyyWi5f2W-9g4CZNfiT02zNFhjatefwFslcg2KjGP8FdqoVLJWgHZSv_Q1-rw-lEr-vm9qtWxHnhfItanRwUw-2Yu0k0FsukAh-NyTO2QTmZR-Y2-tlMAJJPjdV2B6La3XnJYH3g1hiHTXyJljLi6p7vjaG43pABKb3y-2QHPPJQfNTFc4Q3QkqZeP1EWHMytc3asT9378uEgoUvffeT7W8DJxV2ucRJH2omriAZiZQjqxvZrQO-03aF1zDqicBiF8_PRb7iRnv7tl52tt2hr0gHpsYvbRdXC3mrDAbPHXyjIBQbMnqqEcnwyShz8c0bSgNjwhEfMwyXTLWI4kioWzAYiG6eXGi5EvvgSgl3dHuM1hRwdpl1awyGC_fefRSyR8Z39PNvat55YalPNP26hNSQqtU4MDemyhxV74zmZSIWoF4iB1Kj0_EH7wYLE7gGZiztNLX_VZxQAiQUWH37jTUSur7XjPpkquSvY5M3wVQ1M1ooXgTbrMqan7I6u9_-z8HwzQ0coLW7KVQWfw6vc7RMYyfioLCY3dUfErgeoph0fZlpEDftEMbOzGLGnvJcnN0ao9-V5bx6zjiP9SR0eRm62GFIAA4polBXF1yF9GBlapXAe7OB4VhSVZfvT4CUujuDrjhGd9UU1rJbPdkCbnWrcyA&cid=CAASKORo4KF4qS2uVOigSTqTvnieFaahoAaqGv6CA1q_ZUXaPMRAOgjOPcc&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

614456975ac06eccd652989051d3ac67d52a942828862158ffd0f1d029c304c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34538
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8BA 42 B
63 B 147ms
72ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOqplQBtCNkG1QF9le2rPcs2eRydwfAi_X6v29hrpRv5GZ2_UJZt3chkfiEOjuMZCCv-xONQTH-m-wrjU_LtBOXwRh1bBvThl2ARYO7wHdEPShx2M

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B8BA 3 KB
1 KB 149ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B8BA 17 KB
8 KB 139ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8BA 152 KB
46 KB 136ms
59ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 00:57:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C553 624 B
976 B 91ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNUE6uAfzOkZvfj4CPxLR64ktZ0ildx4paux5bE9N6RGm3UAgI1QTS6oVJmXhmqbOwYIdiTYl6OtAW1rWOquBrYGzXrAHix3lhmDS0KlWsw1JIG0zsgyd8TjQVG-_3X_GP_ceiTEQESoZSob4OcY0CCvTV__BwyIllks1zhE8H8wqH9fNeI

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Wed, 26 Oct 2022 00:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C841 82 KB
34 KB 150ms
111ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtWgQIdZPcABIiVZ7DSXrfjvEgZkfP3Bo8kJ6vfXfAKRrID44RqJwyVT1mZcrp7ZC49sL0C3bZGtc3qQAq1pItHKMaUA&cry=1&dbm_d=AKAmf-DqlYXg2aBEMkAY5UcMBsarzgMOD5Gx_Vpb-lBbImuRu2vcqne-xibe4KPPnZOaq1hEtEmdwcYyd5R7h_vz3mGRE_WD_DW2jUrUg0BwnDBkVCcqPhJn-FKh9g_cvVFQYSqpDL02iot1aY7AbdD9rKhyBRzCmuXDSBj2JM1aygmBMa_pVZqDUWhPhvRWjt6QpcoY2To2MEfdr5lHR6_t9SN3WfyWC6c-MFBXYpg3WCiWTDswJFmvZxHY0S6L2xhoS8-YDbGZV2ijxr4mbeseYO41SNluqChdOwWRmadve6hZrfkNahi5L7ZzO_zUqeKw7C6MelIjrh0SYVjCZXhe0tv2w5h1y5KD-8XrxYDswD9zlLMRewejvfijBLGN-utWVXSvLw2nWXhFfxxEy_ZsfsYPmSXSMoS4FHMyYPJWfcgyT5G3DDfRTqoDueAf1uVHbVxGISEI_9qaIkeXKAUEasOENFy3yUsQBzhwHOFbCXkUfKfprEjGsWANslgiGzZ18lggfOUeRD4e-wHOu4EnafAXZzs-9eH_GKPRdchX9sC1gP37ATwQjhOeOEpYPembhBt7PdaN5JzxXQK6QEe7nsizeOwjs17EyZrP1L9Mm7mIMd9f7n2DSGH3V8bykJNUgGZ9QqDFAEmwl3JPADIW5j1BxYL8lAdeg4oNo025DcaU-F68UEhRUCM410UBbZsDE9mU7D4liqLVGQ5gprd_gQWWp5kTmcScqPwstrZpewISdBUDjMjhKo08R6ReUirVW5ip2lOof_WbVBDr8jv_GKUYz--7HqrNeVPKUKD7VQjl_wtXQj4O_26XOM_VAukkWPSv4Y9DEVQXzqEIOTzY3zmHx7IIxcWySwJW6gbhbaM_U-pXI5-Hqbj1-NtD7U_dOcQ54Dwzuo_NYuVdtiDomiZbp0mHXW_TB2H8N5KVpH5lXUdVKZ1Ny6iAj5D7UfJlDQRIWiguAVvN2dFGhjIvZ9nCqQBx9umeuJIY70jWCPj-z-c-WbZ5ZdEwGuom91RbPVi0RoQO_FzBTgbbTA2qrHnzdXQYEmpiIEudpbrEBNE3IoeUsSQu-hufWFsjQWZgXQ8pQccBT95PO9LePV6MZrLRA7H8EuRMy3hgaVyAHOqsUdNWX8q8jM_q4hKZd_Eei2ryJhmCT29fU2gpehjJffZ3L1Tf1RHxXtH_yKc96jWCS7gLSVSL8SR_yUQQ6FK4x7mID5GU1yNa9klIo_6W6_w5WH67j8ZCoVigO_WhM8WO4jlN5f_yzbJ47ugQ192uCs7nfLn0VqAehyHRj8gTyTeryTCsopd72Rx-RX5iLaVcVrTFDg55PsFUgUZYwd6cdeAmFNqSUSKiBUzSZX1ibK3LNaw9PrCSO7AZmQKk7OSGq71E1qDclfJ257_9HbOE02Z2-622jQozWHkJ6fmcZR5zQbc8axi6FvaiQBnYInDadQv2hh7DB3GmhaUiu_WZ3LUY-xk9ITjGHG4Vtg1NmyqtM7-uKQrAigwg6gcDj-QeboUungyGl-dK5S2P8NTZYO5FKYgQls-OOfQ3ieYZdwfzTvHGFNJ06eP7LqFyQcko-xsBKr4uEXA5JYcoxYIy4i1uo3AeES0sPfh7L7Z8NV1t-dlVlYcMjupX8yrTb8CBeTtEceA4j0kU1S3WGeN49mUPgIsUJznettgQQmjoHX-eomRPWXCexXJ7zCLcLIU5tlErNgaqskwHbs8sX4nEn8oLMBKiqY77TjEYk4u_dGuY57h_7M3tch0XsH7I8TVf8RlBB8ygYO4Slr4RDjiHrBUyG8NAdrOb4a0Ndn4dV_LF3pDrXCn9j_4Z4Dwsj17K_yhi_IYvZ5AyFMGWqhWYtoG5eNM3o9UZP5d1EK7NCYaHdA7JnD1CmKmsioykoS-vf_GIKvXAJJViVI-lDQx4O9d_7AMmaOrSkLP3mvAbQOzYNgK6gSnguQP33uvsVpTrn0oHwuo7fjfbTfTQkWd3_5xIsme8S5bNusqaj61qHsHvct-iCubvA544uxjIAYDkM-6KhN0mUx3FmctgWW7wT2rnCgX8CeqotGnflTg14vxkkKdNmfT75Dnl-OGqWBX1z9fvWOo-iATGR5vI3hOhpaQ-dCStyvWuPfIA3E4alsNn-L8XRMddzCEkJxuvJ_kwItxcLJu1IXjB_gu4yODPF0N6dR5Vgdj519rvgNgWA3azuBDhDLDpUqvZ4t3WOehSS68MfIV161dKEA9jVAYtMubVYGg4KwjDEN4SBhFddHSiMp6CY-qr99R6HnsHexpUyjEj2vwuvdjkl6015vLP9ga0HIwVoFfLcLErZroksbzj8_y-18OKwUUIvChpteIDzD6ang0W17yKTkCWghnIlFK2MqHGQ78TilUrtNnWJ29rm_XiQeWlAF_AijUrFd1fm4IF69cxCZlhj7sup8563v0XvUwVa7fNcvFMvC4VoK52WD7bqS1oaRnMOlYJfFcmZw9BUo07C_JL_pO8UtHWp7vNCDPvV3jdoLmGrMylJZpH7NEl-UCjgiiBebpczD3Z7MjtIITbTGE9aIzRrM4BakWinAgw7KRlqeucM07oZJ85UN-iFMxfNOMe_pr_5F7EyXB8hAzihLtouMSxjRRPLuyWDXeto6MB8X5y1hFQ2qtgQwmqiBhdLdNO9kTysTyI3j8pG8gGPcPMs-tI0nWNWOlxqGo56WYFiGipFIii7yMjxYYe0uIWY7X3IXgYQYTrD3bUUDByWXYNBwyhG81fT7nAW9bqOMzj8e2DOtFpa05_GnWySBJAEfrRe6r2BrpOR9it8EzZFFJMSBwVeHCCinnqLVd-QYTwonAVvOpY7h6mq4BMvCb6E1YmGu4l002q6P8dKlOeaVaCpjL6sgIKD--L2zjvGSuX_NY2t521UnytcP7qvmWnSpfs5EpCPUmMpZgsJ0eRrRN58n_PZ0UINvIxkQkz58t0wbbWp4Rl8GX6j4qJW1MjVM-KyYJdyZRlvRgHcsd_MpqNMmxisn2Ii8DVQnK2E7MX2BVRaxGA24VhIVfpiRL4_OmBfeW9WhLqjxgLl18U8cuVlv88WS1_eXnCv9d77tnkxxqXMcTmVlxKWubPIWlzTCAvUwqVZZ7aSjwB1wPRLZWy-AeaWIAuOuwBDGX1j-559Fdni5C3Q8qyfwkTIeK1i-RIdEtsOqTNY_DHirfBDxZCXifADilO-VqiYcVTlkk-waIx0ynSOz_cSlxwCUy0-AZE2JACTWL_-cPodSv-v2mjw5jqWLr9Llg055_P1-ax0ppToxwBjG9AxW2EOSl3JWHXXu7-taxkZMzPtPNjpqgoaNE3VmaZFCENlQG_XIBFhIU-67ojh5oQc07Jpzp-yP_P-_z5Jfsyh-z73e4&cid=CAASJ-Ro4QqAsCoSmZClYGwEw6Uniwbxl43UDzbINQl7uEgloYTJB4Zpbg&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2e284b8df919540739cfe32297bdb2d9d07ccdd3f7a22a6dac0a81c5253ee6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C841 42 B
63 B 104ms
72ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-bNe6gqJRWCoyHfVjU_NxohNBWI8OyfZFHNFldLTB5ao8Cgu5oYqj6DhMWQOY6bo6lJOUgeSMAYsp7W_m5jl4GdvBGhZ-x96NU6mqpphjqJ6WmUI

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame C841 3 KB
1 KB 106ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame C841 17 KB
7 KB 100ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C841 0
0 132ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0a1rd8zpZXOKdLOA8BE2vQtsihdHKs3bXDkGwQHL5sGWYnqM0U9tujvjwpu9jpBNKEhBTAHTwZy4jrNfU8EvubYfhWQ
Requested by: Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C841 152 KB
46 KB 110ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 00:57:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C553
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1

43 B
766 B

76ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNUE6uAfzOkZvfj4CPxLR64ktZ0ildx4paux5bE9N6RGm3UAgI1QTS6oVJmXhmqbOwYIdiTYl6OtAW1rWOquBrYGzXrAHix3lhmDS0KlWsw1JIG0zsgyd8TjQVG-_3X_GP_ceiTEQESoZSob4OcY0CCvTV__BwyIllks1zhE8H8wqH9fNeI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C553
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iF.YQybYAN1Vcka0gFQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2

43 B
766 B

38ms
37ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNUE6uAfzOkZvfj4CPxLR64ktZ0ildx4paux5bE9N6RGm3UAgI1QTS6oVJmXhmqbOwYIdiTYl6OtAW1rWOquBrYGzXrAHix3lhmDS0KlWsw1JIG0zsgyd8TjQVG-_3X_GP_ceiTEQESoZSob4OcY0CCvTV__BwyIllks1zhE8H8wqH9fNeI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C553
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1

43 B
1013 B

100ms
43ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNUE6uAfzOkZvfj4CPxLR64ktZ0ildx4paux5bE9N6RGm3UAgI1QTS6oVJmXhmqbOwYIdiTYl6OtAW1rWOquBrYGzXrAHix3lhmDS0KlWsw1JIG0zsgyd8TjQVG-_3X_GP_ceiTEQESoZSob4OcY0CCvTV__BwyIllks1zhE8H8wqH9fNeI

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
AN-X-Request-Uuid: eefcb48d-d194-4521-bdc4-676eee087f0f
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C553
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

170 B
188 B

111ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
AN-X-Request-Uuid: ddfdaa27-9f18-4409-8618-029402d2d093
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AA1E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1

43 B
766 B

77ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjdy4-_ATAB&v=APEucNU0x9JTsZxuWRD7EiAfpTv-B_vGGLpEDpxum5gOxq3CTUM-KFYeh1jj-NGoT5LxD2RmCxlaTcdDXRQ9aLkJs5kOMkCY8OWEsjK5V6chpwYCqbsineg0LoHwg_LSFkCCoop7lWJN0YQ4JQdbH52RywsRZT8pyDP1AZmdAcoqe6LFY5ERGxg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXc3Bp4pnxXK1MVPCG_yWc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AA1E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iF.YQybYAN1Vcka0gFQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2

43 B
894 B

39ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjdy4-_ATAB&v=APEucNU0x9JTsZxuWRD7EiAfpTv-B_vGGLpEDpxum5gOxq3CTUM-KFYeh1jj-NGoT5LxD2RmCxlaTcdDXRQ9aLkJs5kOMkCY8OWEsjK5V6chpwYCqbsineg0LoHwg_LSFkCCoop7lWJN0YQ4JQdbH52RywsRZT8pyDP1AZmdAcoqe6LFY5ERGxg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AA1E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1

43 B
1013 B

101ms
44ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARjdy4-_ATAB&v=APEucNU0x9JTsZxuWRD7EiAfpTv-B_vGGLpEDpxum5gOxq3CTUM-KFYeh1jj-NGoT5LxD2RmCxlaTcdDXRQ9aLkJs5kOMkCY8OWEsjK5V6chpwYCqbsineg0LoHwg_LSFkCCoop7lWJN0YQ4JQdbH52RywsRZT8pyDP1AZmdAcoqe6LFY5ERGxg

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
AN-X-Request-Uuid: f23c2c45-3d51-4eb0-a622-70fec189f138
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHm8HFHhOQjZNuPMvTaW5NE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA1E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

170 B
188 B

120ms
61ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
AN-X-Request-Uuid: 3a0805e0-d27a-417f-9a62-b1b3392da83d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B8BA 170 KB
59 KB 150ms
41ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Origin: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame B8BA 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyAJM5eUkYAwar6UVcYvdX8kI2xndF8L5pKX7mfYjm8bEgtyPWO9cZ8CZdzRT60unjwgwC4iW4xALlmQ1zyRO9l1E__g&cry=1&dbm_d=AKAmf-CX7quYOONjlyrJyyE6CHtwDxxrVnNYf45cN3lf2sFhEQmWxFGe85Slyp9MZC8h32YaY-wVg5oHHea-OOOCDT2oA2PoStcxp-z5rtUiA6Tsin-Rby5jejy-FrzU1Od4SluurcdhBIKOX2lvMUiwto7iUrE3-cdNLbEss0YNxJIrFUT3nFjY5c6h7kLf7Ca5Bik2q4qpiOXGotpch8txEFokLHaf2HlW5DEjkLsaRAk26MyAfgyV_ydaemHul0i8I2VvbrlIBpO0CiS4otdieW2Fl8EpMqAlsC7JyuKXh1AykT0Zck0sCqJwHU1LKHHiL2oyCvmaVKltSazXb7fqLGh0BQzDh1bI3m1nap2ODT3RGO-aqR3cr5NRi515XiO5tComFTS-DzHa9rhlJ-sRS8fGrLl5CnHWWVDNKVe6Cy6J2xHU8nYxVmFiAHFvR2P97ckZZYQYq2n6-anWqxSRp3vfRXeOfxMZaeVn24u6NwwekVxgasqn5z3_EMVm2YgCHEnMQ9F5vmjdihrZL4QKUcyvQfzvyR5yc2k_RSpWqoosMOVljS4UfVxRflSNUG2hyQ3o78cqga5k6zAwJwc9b20GYE90R6hmiYYAhbKhXVYZKpkh_whr0NMZyPerXJyfOjmIpWiBF6zdpjfz4T_JVxRdPAFJca9vs4OIAm3PBrhmvk4GQWnNRTRcrQ9rM8ERbhniNRcgt8S2jQT6HDibn54om54v_XFU6lxrhZ5f71u5sev4egJ6dPMR1ZxPWsw97jSZsNDRHhEpe9LVV4vfjzPx5WZBbKJd3BZQTQU7svMlOzmDf0eOWe9b5sZWlugLahyviZBufZSQ1EF5vRGSUO9wp-z8cs0br_mBuHqTNOIRPys2CYPOBpkXjX7Y4MqokjF7VzTNI9JPO_-geKw2E7kxrx2ifWF6f-jePWvu0ICcOpG5C9aQR7mp3Q_o8jg8Kn4JWQYYnidHZXHY_CIqcX436Y8DFARzUiCABD4EbPLtR6i6n1vIbX1YFCgAFj30uUZxrUvqSMHKvFdl4XRg2HTnZlNde3PPxTOoSKjQNampV6Hyvl_ozPch0QYDUhD5IIolNKqTIE35ti2MXdxD29J6HRRqHVlu8Dyhy1eQDqCCFY8hnSOBgPZYyfNkiaA9eD-zgRVg-iWV2Ur9aCk3oTrEp31pQntsz6OAT1mdDXJG4jdkOpxS6VJEcTxwwxqaYg-c7xD6IPNCdvmuN8q5lCkXxZgMaU-D7lDXLOBC3Bw-QPGdd7a3rEUL8DVGoB1sTekpR1hE4wNewML4LiO3nP6RU8U9pwF6HmA30Z8dMAdleoUHE5iJIHdWqFDa9fkw760mt-mU_OctoKZ64kHvCVaTwfCvApHVtpnaL9ODjoicKdCLqkUnp-n16xizPER-TVed_yGYp-9ckluxyrsPU0DPf0AokzA29495QwYA3haZv1cFJh83qUHyXFuggoX0U3ZWqDmD6HFqv2D--Oymg2lnE7oLvkivNwXSlCwJC0EV2y7yFg94FgRxWL7b7ihWShaYI6gfkUJMCOuFyLsYxaEPozhMDtu3EPJZ0h2QuM1N3dOhzuPcka9aDvcH_3FTX16N2y0qZCfWjeJF5OalY_arUOBChAQzISzKqM2sD4nIRGKBA4WVPuo14_aUbj3H2NBluDLLm-E1o4CW4xTn47QWRXU5DpCU51JoF7bZg8cP1xUFNM4GfxK8aaw1843HzhouAu5hZab0og6SSTN-Q-kQFKYavV_slJUR9gokiWhb1mVojrYN6V_M_BhwMARBDryrZuQSxWTO8ZPUptuM3gTMS0y8UopJong2V6Doq_HhrErIIBBVzabnCYu4xg76IklHwMDUL4QplyKytv7TGfpwaQkXKanCDL9-JwQ0EgNRESNwPMJY-9rFbD7Al47SuaPcVta35EWPQ7Tf6Pzrfx50VdJIkjtEsjRngkgnxerCYxGQ7KugQMw4pEY14KjXVuIeYB8slO-9OQbk-HBNFeFg-M_pYSDsLjPYX0qYiPptugdy1DFrSgXRqhQU7oZVHpKiraVtJAWggvSCIHSzMeeIl3s6ZxSfrlqKr0ZZOPbFlPeEvjBBcaCujEga5BB-tE1KCOMh-AIad13XSNsC-OO7dxzlLkXu8mzRJpek4aD8t8SGTyHFeDkhwQaadpBaRu3TeOpc8LtqfEQrsph_zyrCrdugjIl-mlMAEEl59YEpCujW9X7sjggMcmSHJoBxA8P_hntFT0RdxmaPF_qtiw5NtI2ffMKWxwbbry9FK7yoQHgYaGzik_XfmOiS9LIgREIeefOzUZCGSWa_xAHErMdunZwL_HnP2Aq-s7eROQ7odaH7K0uUlJ65cDayzkcYzepKccgPk9t4pOWJ2hVvIAkKiOoDcR4o_pp-h5OkkN2t2jA8BexzlVX2vjsyEWVId_zufDw6kgDWVZhuIrCvPGF2QPmoyRIr5nfE5SkkTqq0hoEydRxYFryrqEXByN5hWSmtuR9ONDYQ3XeL2DKvy2L-wkG-yhCJ-zIpzlqa3E5fqGoYJBR80dwEfoCAkPDdafGkLYfTSFgyt_NBw5J8TVIn351MPpvRC6pkgL_bdOx2Qh2EoKwscjQXkQLGvfDxK90_Ex6OQa0kYXVmUdVVWvxVwapSO5daaDqBDRhH8fOFAG6avnEWPm6pAp7HXts89FNcWflMYJLIuCbGpJvwt0yKkyyWi5f2W-9g4CZNfiT02zNFhjatefwFslcg2KjGP8FdqoVLJWgHZSv_Q1-rw-lEr-vm9qtWxHnhfItanRwUw-2Yu0k0FsukAh-NyTO2QTmZR-Y2-tlMAJJPjdV2B6La3XnJYH3g1hiHTXyJljLi6p7vjaG43pABKb3y-2QHPPJQfNTFc4Q3QkqZeP1EWHMytc3asT9378uEgoUvffeT7W8DJxV2ucRJH2omriAZiZQjqxvZrQO-03aF1zDqicBiF8_PRb7iRnv7tl52tt2hr0gHpsYvbRdXC3mrDAbPHXyjIBQbMnqqEcnwyShz8c0bSgNjwhEfMwyXTLWI4kioWzAYiG6eXGi5EvvgSgl3dHuM1hRwdpl1awyGC_fefRSyR8Z39PNvat55YalPNP26hNSQqtU4MDemyhxV74zmZSIWoF4iB1Kj0_EH7wYLE7gGZiztNLX_VZxQAiQUWH37jTUSur7XjPpkquSvY5M3wVQ1M1ooXgTbrMqan7I6u9_-z8HwzQ0coLW7KVQWfw6vc7RMYyfioLCY3dUfErgeoph0fZlpEDftEMbOzGLGnvJcnN0ao9-V5bx6zjiP9SR0eRm62GFIAA4polBXF1yF9GBlapXAe7OB4VhSVZfvT4CUujuDrjhGd9UU1rJbPdkCbnWrcyA&cid=CAASKORo4KF4qS2uVOigSTqTvnieFaahoAaqGv6CA1q_ZUXaPMRAOgjOPcc&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:20:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame B8BA 30 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C841 106 KB
37 KB 200ms
114ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Origin: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame C841 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtWgQIdZPcABIiVZ7DSXrfjvEgZkfP3Bo8kJ6vfXfAKRrID44RqJwyVT1mZcrp7ZC49sL0C3bZGtc3qQAq1pItHKMaUA&cry=1&dbm_d=AKAmf-DqlYXg2aBEMkAY5UcMBsarzgMOD5Gx_Vpb-lBbImuRu2vcqne-xibe4KPPnZOaq1hEtEmdwcYyd5R7h_vz3mGRE_WD_DW2jUrUg0BwnDBkVCcqPhJn-FKh9g_cvVFQYSqpDL02iot1aY7AbdD9rKhyBRzCmuXDSBj2JM1aygmBMa_pVZqDUWhPhvRWjt6QpcoY2To2MEfdr5lHR6_t9SN3WfyWC6c-MFBXYpg3WCiWTDswJFmvZxHY0S6L2xhoS8-YDbGZV2ijxr4mbeseYO41SNluqChdOwWRmadve6hZrfkNahi5L7ZzO_zUqeKw7C6MelIjrh0SYVjCZXhe0tv2w5h1y5KD-8XrxYDswD9zlLMRewejvfijBLGN-utWVXSvLw2nWXhFfxxEy_ZsfsYPmSXSMoS4FHMyYPJWfcgyT5G3DDfRTqoDueAf1uVHbVxGISEI_9qaIkeXKAUEasOENFy3yUsQBzhwHOFbCXkUfKfprEjGsWANslgiGzZ18lggfOUeRD4e-wHOu4EnafAXZzs-9eH_GKPRdchX9sC1gP37ATwQjhOeOEpYPembhBt7PdaN5JzxXQK6QEe7nsizeOwjs17EyZrP1L9Mm7mIMd9f7n2DSGH3V8bykJNUgGZ9QqDFAEmwl3JPADIW5j1BxYL8lAdeg4oNo025DcaU-F68UEhRUCM410UBbZsDE9mU7D4liqLVGQ5gprd_gQWWp5kTmcScqPwstrZpewISdBUDjMjhKo08R6ReUirVW5ip2lOof_WbVBDr8jv_GKUYz--7HqrNeVPKUKD7VQjl_wtXQj4O_26XOM_VAukkWPSv4Y9DEVQXzqEIOTzY3zmHx7IIxcWySwJW6gbhbaM_U-pXI5-Hqbj1-NtD7U_dOcQ54Dwzuo_NYuVdtiDomiZbp0mHXW_TB2H8N5KVpH5lXUdVKZ1Ny6iAj5D7UfJlDQRIWiguAVvN2dFGhjIvZ9nCqQBx9umeuJIY70jWCPj-z-c-WbZ5ZdEwGuom91RbPVi0RoQO_FzBTgbbTA2qrHnzdXQYEmpiIEudpbrEBNE3IoeUsSQu-hufWFsjQWZgXQ8pQccBT95PO9LePV6MZrLRA7H8EuRMy3hgaVyAHOqsUdNWX8q8jM_q4hKZd_Eei2ryJhmCT29fU2gpehjJffZ3L1Tf1RHxXtH_yKc96jWCS7gLSVSL8SR_yUQQ6FK4x7mID5GU1yNa9klIo_6W6_w5WH67j8ZCoVigO_WhM8WO4jlN5f_yzbJ47ugQ192uCs7nfLn0VqAehyHRj8gTyTeryTCsopd72Rx-RX5iLaVcVrTFDg55PsFUgUZYwd6cdeAmFNqSUSKiBUzSZX1ibK3LNaw9PrCSO7AZmQKk7OSGq71E1qDclfJ257_9HbOE02Z2-622jQozWHkJ6fmcZR5zQbc8axi6FvaiQBnYInDadQv2hh7DB3GmhaUiu_WZ3LUY-xk9ITjGHG4Vtg1NmyqtM7-uKQrAigwg6gcDj-QeboUungyGl-dK5S2P8NTZYO5FKYgQls-OOfQ3ieYZdwfzTvHGFNJ06eP7LqFyQcko-xsBKr4uEXA5JYcoxYIy4i1uo3AeES0sPfh7L7Z8NV1t-dlVlYcMjupX8yrTb8CBeTtEceA4j0kU1S3WGeN49mUPgIsUJznettgQQmjoHX-eomRPWXCexXJ7zCLcLIU5tlErNgaqskwHbs8sX4nEn8oLMBKiqY77TjEYk4u_dGuY57h_7M3tch0XsH7I8TVf8RlBB8ygYO4Slr4RDjiHrBUyG8NAdrOb4a0Ndn4dV_LF3pDrXCn9j_4Z4Dwsj17K_yhi_IYvZ5AyFMGWqhWYtoG5eNM3o9UZP5d1EK7NCYaHdA7JnD1CmKmsioykoS-vf_GIKvXAJJViVI-lDQx4O9d_7AMmaOrSkLP3mvAbQOzYNgK6gSnguQP33uvsVpTrn0oHwuo7fjfbTfTQkWd3_5xIsme8S5bNusqaj61qHsHvct-iCubvA544uxjIAYDkM-6KhN0mUx3FmctgWW7wT2rnCgX8CeqotGnflTg14vxkkKdNmfT75Dnl-OGqWBX1z9fvWOo-iATGR5vI3hOhpaQ-dCStyvWuPfIA3E4alsNn-L8XRMddzCEkJxuvJ_kwItxcLJu1IXjB_gu4yODPF0N6dR5Vgdj519rvgNgWA3azuBDhDLDpUqvZ4t3WOehSS68MfIV161dKEA9jVAYtMubVYGg4KwjDEN4SBhFddHSiMp6CY-qr99R6HnsHexpUyjEj2vwuvdjkl6015vLP9ga0HIwVoFfLcLErZroksbzj8_y-18OKwUUIvChpteIDzD6ang0W17yKTkCWghnIlFK2MqHGQ78TilUrtNnWJ29rm_XiQeWlAF_AijUrFd1fm4IF69cxCZlhj7sup8563v0XvUwVa7fNcvFMvC4VoK52WD7bqS1oaRnMOlYJfFcmZw9BUo07C_JL_pO8UtHWp7vNCDPvV3jdoLmGrMylJZpH7NEl-UCjgiiBebpczD3Z7MjtIITbTGE9aIzRrM4BakWinAgw7KRlqeucM07oZJ85UN-iFMxfNOMe_pr_5F7EyXB8hAzihLtouMSxjRRPLuyWDXeto6MB8X5y1hFQ2qtgQwmqiBhdLdNO9kTysTyI3j8pG8gGPcPMs-tI0nWNWOlxqGo56WYFiGipFIii7yMjxYYe0uIWY7X3IXgYQYTrD3bUUDByWXYNBwyhG81fT7nAW9bqOMzj8e2DOtFpa05_GnWySBJAEfrRe6r2BrpOR9it8EzZFFJMSBwVeHCCinnqLVd-QYTwonAVvOpY7h6mq4BMvCb6E1YmGu4l002q6P8dKlOeaVaCpjL6sgIKD--L2zjvGSuX_NY2t521UnytcP7qvmWnSpfs5EpCPUmMpZgsJ0eRrRN58n_PZ0UINvIxkQkz58t0wbbWp4Rl8GX6j4qJW1MjVM-KyYJdyZRlvRgHcsd_MpqNMmxisn2Ii8DVQnK2E7MX2BVRaxGA24VhIVfpiRL4_OmBfeW9WhLqjxgLl18U8cuVlv88WS1_eXnCv9d77tnkxxqXMcTmVlxKWubPIWlzTCAvUwqVZZ7aSjwB1wPRLZWy-AeaWIAuOuwBDGX1j-559Fdni5C3Q8qyfwkTIeK1i-RIdEtsOqTNY_DHirfBDxZCXifADilO-VqiYcVTlkk-waIx0ynSOz_cSlxwCUy0-AZE2JACTWL_-cPodSv-v2mjw5jqWLr9Llg055_P1-ax0ppToxwBjG9AxW2EOSl3JWHXXu7-taxkZMzPtPNjpqgoaNE3VmaZFCENlQG_XIBFhIU-67ojh5oQc07Jpzp-yP_P-_z5Jfsyh-z73e4&cid=CAASJ-Ro4QqAsCoSmZClYGwEw6Uniwbxl43UDzbINQl7uEgloYTJB4Zpbg&rfl=1%2Chttps%253A%252F%252Fwww.wpgxfox28.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:20:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame C841 30 KB
11 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B8BA 41 KB
15 KB 246ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7072
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
DATA 200
OK truncated
/ Frame B8BA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 163698cf1459a288c891aacca7071b4ae250795571e69e7edcc87c23db592256

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C841 41 KB
15 KB 385ms
213ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7072
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
DATA 200
OK truncated
/ Frame C841 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b15e6b39848fdecac7a7645b853ce1d6f457cfd2662e25fffb09ada5ebc7d4d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BE7 0
0 77ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSRWcmfOIaw-5Cllvymrhbo5AzGZJK7p8UCSvI4YQ0KLiPVda7VVk4iHkiqlNuod5DHo5PK6radU8837Fo6ZDkXMl13nlsu9cLgZnOVrioiDtuYzlf7FmdiYu6Poj974CvcCO9MlxmcvBNcvtXSDbk65MGyufLGaeEZa5fxdMn7REPPvVxU_ID6pVXeElv3PHI4rM7H-7bpUOb6vvcWZvesuzPZYtV2W3WJHygvmKFYjfJdvV-1mC9eDgZPldyWFB36gHi6shMwuOUd_YC8o37ofMMEp1aV_CsrWH9iq0kKAHxMo3l9AkRbiyMNAfwqtmqw-BQUNpha4pqfBszt9wuruRdo3Iuoc6A2F8elNAjo0WV&sai=AMfl-YTTABZmzTK9gNml8XuWZtGUe1_IQEDY4q9IV0YYMEzpLK6asD3ulkr5GAUgt-6Is8wr_cLMzFDvK5Od2-6AAViPM2q1XqdMuWQFlw7FDhp7CXeOSIQgDJ7sc5OUZPmqVKaZHw&sig=Cg0ArKJSzOsIsZFYbLnMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5BE7 3 KB
1 KB 342ms
214ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BE7 152 KB
46 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5BE7 8 KB
4 KB 278ms
37ms Script
application/javascript 2a02:26f0:1700:6::17d5:a191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723568&splc=/43459271/loc-desktop/wpgx/web/homepage&adu=21957163323&unit=300x250&btreg=6084843041138400723568&btadsrv=6084843041138400723568&ctx=19955922&cmp=DV451308
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 00:57:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 14:24:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80e87b37ebe6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 7195015848585121557
tpc.googlesyndication.com/simgad/ Frame 5BE7 461 KB
462 KB 165ms
39ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7195015848585121557

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263fe17941fdb86c0b01303a036e725a175c9907ba49d6f8850071a3c7fa6ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:06:26 GMT
x-content-type-options: nosniff
age: 543064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 472491
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 13:44:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 18:06:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5BE7 0
0 175ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_Om9jBO6tUTaoaNFZi4qbvW3_2hCcQ9OhQMZj6CCxD_fQAYhA83l8gteS260KRE8f-WWKlrrIgB-4qluGOFxraIRF4A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5BE7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c433928e8bfe929f7b4a60d812e5d0d8c353c5243c77247a3cd4f32b9157ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 4 KB
1 KB 121ms
45ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d49ae0401867a02ea6b892861cd0004bd0b5b548d30816e9d828dd4657b69e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1131
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:30 GMT
expires: Thu, 26 Oct 2023 00:57:30 GMT
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B8BA 0
64 B 175ms
84ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvudq5OY03AKpT8d67wLYA_cJna6zeP42WKAQYpDmpllCs9eTtQvrFMMR2ieSOypVM87vuw5Pm3cJCByJjO678vwVkp4O7mgg00AG-xTwoJI4v91vY3Zx1wt_3Yj_IESo7_WxJv9T8bB0JDo0qcd3DxzVmFni1Bb_S1-3n3hHwVxm4fhkfhERXglWREPTYw4xHe7KrSoBFuKI1mPBLLAaTcZVF-o_2FghkHk163DJY_sSXceeq4tVxQvo4jf7xiAySjIbIqeOPFfNd0rFsZcU6ARSrkLUh-48Cj9P0hmGWKDhoU-noEpBiAGTkFDlODNwlDYiO07kwDyIbKy6bY2wIxdDdwCfijHIuTOKeY2bg8gfF1z2JFUCjEa8qgJVrNtwVg3FHl9lNI7eJy_buZmFP6mtN_yYHfIBfvPjNhNbjZ-f5ddXAr0aEa1YGWqR4_5gYDPgtXGVerQiApXwKHILeA2-2cvDvf3k0fTQxNjQs8gDRZGUxqb_BXxhNkwpkmiTcBKJWqcaj1FEDdheWr3HkMgR2Rh8GiczRO-UIM7IhaqUbgFZRMVLMnVjgcW8zofnVzuaGdGd46KeO8ltCUkniItq3aEA33KGmZj7FhkAw0V0oHZWPYFUfGbXP62TfBQ0k6StG2Rru3ts6jv74Lwrd_edZT9FIN2nq3h0HLO8-j9VX5om7HGZTjl9RITZbskRkNqgj6bKon0KqXJL9jrpoRafkpozI8zg-d4uhFmUrri5Txyu1unMhHnI-2wLrOeX1ToxkKZbw17dOTKSVqU8_tSd4hzYr_ZvRhJDvtZub4w0X2D2ZJO7Uyx0RDQXKsYVTyctcUEWidO9CUgccS7e3UUmQ1Crrl6bNdYNjY_OccjAvVfj_rCmdkOmvd8y-INfV85CWIM0fvn-5FGYxJ5cXdwZqc1M-7sbavJYC9WzP_GjTTDvr9dhJgRHNFyloq5k7U-dwnEcf_-u_dGChDCVl_C5-ppur6hhPHClysaJLuC33-Rx2-0OSFqNqv9j7fHW46ABkADty_dzaBnOcPbmf0CoqDG3ttZ2WW3HaFbrA2fRxR-JUa8com5NFpzb0CV4AACGqGUwQ1Yh-MIxIs4DuaYtAB92cmbzGXWosdetLUbYIqDogwRfy82T-y1vUDhXcuv0iJK1OTSx01T-qELgSn4Myt-hPSIKCF1Mwsh8cvTEFjU7AC1zjzBqkLQ6e6DDOmx2ymqJ25FbYxQa2iyambrNMKxSgXA3f91qxR78xPEyB-tNUd7C47UVqGBxfwX-5VlbBvawmgymCTFEUVK1S2kXmw&sai=AMfl-YR9bRFXHtqunTsskAYyHAKB8DZeAGYGPGdjYaF_DtRRtTSRNn9_Hj8M_Y2P-_iEz8AZm-606-MtmJjj7eFyaF_cEHIiBaxSkSESQWnv9YyT9McdMaHshYfVy1f2pHBZqRD_I_WnJ0asZirx1fWV2V-xok4tvnyI5uP92C9B7kMClt3gEFBSOC5qJWMEtX5kIrOVNDyxpTJ4UuGr4PX79OQkCnqQCawkFpxiuVk&sig=Cg0ArKJSzOVWQJRGODgfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=244&cbvp=1&cstd=239&cisv=r20221020.73524&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/ Frame 4936 6 KB
2 KB 113ms
37ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 434404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1926
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 00:17:26 GMT
expires: Sat, 21 Oct 2023 00:17:26 GMT
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C841 0
622 B 165ms
84ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBm0H9QhRjfgfXbWI0ZdpKF0w__I5zO9jdU5y2px20PrdLjTRllOGgJ3w9QaZiUi8x3_Upeu50U8iRgWMZeDOjmEYxX-tl145TO2-1d7Mezekv7qgUo_lZjatqQrejWgWGem1xmkrJG6fi_mx2JR2ymDRSb9FMfqmn3WZFGPNFQpps7HitUIKYbzsp64uL7HMf3fuHfsYUZo5iRuwrd_4qTGw0PEMwx660P7XGr-EELb_tf1GSKNaOrjMHCkjDDCpXzkVFK3jZau9tvfInjrBH3BSStK3jZnd83fEcvNmq_fQarjmhBlHpCk8VKd33QZR-CSpR4Tmcek9fpMUxygPy9GD2jYi-HA02NJX2kKVMPLz_sCG_y1hTz2lioWSpQggxs6rsdTr1MH9UgOughkLikDQKr5SH109WdoOev7UyqGxGE9TfeEcB1KaxgnAKYrevNHnFj_lejQD0up3H4JIk0rxB1YvwzDiF5QjULR-l4NyVZcukHVsY1Cmnzj9caC4pJE4avy11roVZ80qHlWjVxhACQopBnoEwNtrx82iedXYM-zE3DLtEojYdcyBVKZhkweiseffgkGJbV5fEcMzpvHBQYJlXqnfL_IYSEoaJ0ofdZeKFPavaQgB4fTzSDDjCP1yEGXthP4fhKYHeJ8s3B1b487kknJFNXtHyQm69qWkTC0AvMTwejG2gzlJDzmUfN3Yqpma3V3q7rZxi34P38BlmRwAWDKnMRnkTl1604KXX3VeiUNqoD6EmJAQhW8cicEgFHai8cQE9_XA3LWRYxW8fImm7Y8yGBJ_YoSTM4EDqhm5qErmeCBeSdt2iTmvCLF6DgXWT6dq7lX84Xm4NQkfg7lEcRkKOBCGUfMFoyDZdpPrr1lKZkLQEp_8LluKFMoGA7YcYiVCZgnDUhvens6egAJdk2U5iVBFO5IJO_8XUDB_tLpiZKkGcJ7hZJZPJgpqGLdncR7o8uuBoLa_lkayZdGvud59UjveNXCA0mocVU6t6FOlXg2d4UNrgix6-YoorcRS3GskYYOVsEFKWD2O1FhUbZBG0FkmGidLhE0RAIVfC8vDI7t6p0mzUXn7KyT4P0MmrQUy813AfNDeyu_Y6I_rhKKAFBlqWXgx1SNFDH42cUz0Gpk9bAUsyblx-KHRs6zn4UIkFrzqBhJvdxIWPBthGIkKCxE_rKe5tgxySI8X0UTSEo3-p72RErw2XgnyALZyN2eHs6i7klpUKj5lp3-1Qc4TeByYek9xxXu6jhP55WJPzo5okD9vY4TQ2cfM1rzwgEOm8BSkjkNhNY1XPvgWzUYhiPOazcsiI&sai=AMfl-YSbnv-BL5FbVcIgF6gQVcC2iNNb-fX02RL67_at3r9fXqP5_CUQ3XMzlnCz1xXsQP3kcEF_78YFcFVhPkPZon-tpswgA4TfGYlLdx4j__ozvQUQVkEKCt4L2X6fcigYRDL2Vk4E-Gm8AuEG4a6hUIDCu4YroZALJPpClUaoEYqvxyEfdthDnkUezY3FafJVG6Ik6K3bJJorahtTecbzcYo9SC79AvFRZ4-7&sig=Cg0ArKJSzHGzXCm9ulHwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=227&cisv=r20221020.53984&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4936 60 KB
24 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/ Frame 4936 2 KB
781 B 39ms
38ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 752
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:43 GMT

GET
H3 200 hp_styles.css
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 3 KB
845 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577e95c032b936497700daecc8dd065ebe23e8916c36a55bc73b2fe2df806eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 816
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 11:38:24 GMT

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BD64 113 KB
39 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BD64 118 KB
40 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 11:10:17 GMT

GET
H3 200 hp_main.js Show response
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 5 KB
965 B 57ms
55ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/hp_main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd06efa61ab767d11222b9503e891898dbc00d2db2507f06ef242c108a313cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/index.html?e=69&leftOffset=0&topOffset=0&c=zWdyilyflp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 11:38:24 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 8622 545 KB
105 KB 40ms
40ms Script
application/javascript 2a02:26f0:1700:6::17d5:a191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 00:57:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 container.html Show response
5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE78 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Thu, 26 Oct 2023 00:57:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C841 0
26 B 161ms
78ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBm0H9QhRjfgfXbWI0ZdpKF0w__I5zO9jdU5y2px20PrdLjTRllOGgJ3w9QaZiUi8x3_Upeu50U8iRgWMZeDOjmEYxX-tl145TO2-1d7Mezekv7qgUo_lZjatqQrejWgWGem1xmkrJG6fi_mx2JR2ymDRSb9FMfqmn3WZFGPNFQpps7HitUIKYbzsp64uL7HMf3fuHfsYUZo5iRuwrd_4qTGw0PEMwx660P7XGr-EELb_tf1GSKNaOrjMHCkjDDCpXzkVFK3jZau9tvfInjrBH3BSStK3jZnd83fEcvNmq_fQarjmhBlHpCk8VKd33QZR-CSpR4Tmcek9fpMUxygPy9GD2jYi-HA02NJX2kKVMPLz_sCG_y1hTz2lioWSpQggxs6rsdTr1MH9UgOughkLikDQKr5SH109WdoOev7UyqGxGE9TfeEcB1KaxgnAKYrevNHnFj_lejQD0up3H4JIk0rxB1YvwzDiF5QjULR-l4NyVZcukHVsY1Cmnzj9caC4pJE4avy11roVZ80qHlWjVxhACQopBnoEwNtrx82iedXYM-zE3DLtEojYdcyBVKZhkweiseffgkGJbV5fEcMzpvHBQYJlXqnfL_IYSEoaJ0ofdZeKFPavaQgB4fTzSDDjCP1yEGXthP4fhKYHeJ8s3B1b487kknJFNXtHyQm69qWkTC0AvMTwejG2gzlJDzmUfN3Yqpma3V3q7rZxi34P38BlmRwAWDKnMRnkTl1604KXX3VeiUNqoD6EmJAQhW8cicEgFHai8cQE9_XA3LWRYxW8fImm7Y8yGBJ_YoSTM4EDqhm5qErmeCBeSdt2iTmvCLF6DgXWT6dq7lX84Xm4NQkfg7lEcRkKOBCGUfMFoyDZdpPrr1lKZkLQEp_8LluKFMoGA7YcYiVCZgnDUhvens6egAJdk2U5iVBFO5IJO_8XUDB_tLpiZKkGcJ7hZJZPJgpqGLdncR7o8uuBoLa_lkayZdGvud59UjveNXCA0mocVU6t6FOlXg2d4UNrgix6-YoorcRS3GskYYOVsEFKWD2O1FhUbZBG0FkmGidLhE0RAIVfC8vDI7t6p0mzUXn7KyT4P0MmrQUy813AfNDeyu_Y6I_rhKKAFBlqWXgx1SNFDH42cUz0Gpk9bAUsyblx-KHRs6zn4UIkFrzqBhJvdxIWPBthGIkKCxE_rKe5tgxySI8X0UTSEo3-p72RErw2XgnyALZyN2eHs6i7klpUKj5lp3-1Qc4TeByYek9xxXu6jhP55WJPzo5okD9vY4TQ2cfM1rzwgEOm8BSkjkNhNY1XPvgWzUYhiPOazcsiI&sai=AMfl-YSbnv-BL5FbVcIgF6gQVcC2iNNb-fX02RL67_at3r9fXqP5_CUQ3XMzlnCz1xXsQP3kcEF_78YFcFVhPkPZon-tpswgA4TfGYlLdx4j__ozvQUQVkEKCt4L2X6fcigYRDL2Vk4E-Gm8AuEG4a6hUIDCu4YroZALJPpClUaoEYqvxyEfdthDnkUezY3FafJVG6Ik6K3bJJorahtTecbzcYo9SC79AvFRZ4-7&sig=Cg0ArKJSzHGzXCm9ulHwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=269&dett=3&cstd=227&cisv=r20221020.53984&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BE7 0
0 154ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujpMqYzEKPWAS1LHb_Ny_VbP9XpZjfoDNi7RY5lUFt2NYmwbWDdi9JWxRelgLh9xjZQzwegN7BnbnmjylgWvmiZ5usii4n31PILOxsIIHJYkb45OXv-PlyP7owbqZDofVwRnWhef6Q3Nc7K7j5Sr9ixLsX_QWmkt1W-e0RL65mcshIe4pbTdUf3Ca1lx9FmGITTWuXWdYNlIsSA1xMbiMFwi4HvCgCdukSgRyFQ1xFVd9qpmb2SO2T0LP_lmFCWsHMLZs8HdFpZdVG-XfRC2pzX0Ofo0GYJB5KtHPPRbY_rOSRK8HY0VM2BO-2kHRDh9OLX1LBUbc3us4rhNzypfirqajzNsYV&sai=AMfl-YQV4r3Vl4XByRhg9wYHgHw0kwJbdDT7Sz8cWE76N1qIatwt7YHWdQKY87-8crN0xP5zyrQ7cS4l7pkHxkHnf-BWSrVtLv1O6tG_-evOonHRBIFpscdqh9USmgUNw5OB2mYYtw&sig=Cg0ArKJSzFKLS3kB0m6BEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4B3D 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 289B 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 txt1@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 3 KB
3 KB 38ms
37ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt1@2x.png

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:43 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2563
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:43 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo.svg

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 09:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 09:18:39 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 33 KB
33 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg1@2x.jpg

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:43 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33919
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:43 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/ Frame FE78 261 KB
68 KB 219ms
104ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-v0.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d4afa0a24169b3e5bdda3d225f34733bd60896b31c5e52673df646bd35bfdf0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 00:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69282
x-xss-protection: 0
server: sffe
etag: "7a6773b71095fb5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FE78 6 KB
672 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 23:38:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/v0/ Frame FE78 19 KB
8 KB 159ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347c2c24c363703d235017e248660e4def4455dbfcda3f52c1ed6cc16fdfec36

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 00:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6621
x-xss-protection: 0
server: sffe
etag: "3ce2369f582c10e9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame FE78 109 KB
31 KB 186ms
72ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 00:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31959
x-xss-protection: 0
server: sffe
etag: "4e6c8ca7bdbf4727"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ Frame FE78 49 KB
15 KB 163ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a353068500fab1b39e616d29977da5f178861bc068eaab953e0a7d084e2299e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 00:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14958
x-xss-protection: 0
server: sffe
etag: "aabec04417d45c1c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/v0/ Frame FE78 7 KB
3 KB 200ms
87ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fit-text-0.1.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eefe24ed707481bab58e40772003877fbad3b6776a384ec3b34c0a8ee1ca96c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 00:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2507
x-xss-protection: 0
server: sffe
etag: "0a9ebf5354169be2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Oct 2022 00:57:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B8BA 0
26 B 107ms
78ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvudq5OY03AKpT8d67wLYA_cJna6zeP42WKAQYpDmpllCs9eTtQvrFMMR2ieSOypVM87vuw5Pm3cJCByJjO678vwVkp4O7mgg00AG-xTwoJI4v91vY3Zx1wt_3Yj_IESo7_WxJv9T8bB0JDo0qcd3DxzVmFni1Bb_S1-3n3hHwVxm4fhkfhERXglWREPTYw4xHe7KrSoBFuKI1mPBLLAaTcZVF-o_2FghkHk163DJY_sSXceeq4tVxQvo4jf7xiAySjIbIqeOPFfNd0rFsZcU6ARSrkLUh-48Cj9P0hmGWKDhoU-noEpBiAGTkFDlODNwlDYiO07kwDyIbKy6bY2wIxdDdwCfijHIuTOKeY2bg8gfF1z2JFUCjEa8qgJVrNtwVg3FHl9lNI7eJy_buZmFP6mtN_yYHfIBfvPjNhNbjZ-f5ddXAr0aEa1YGWqR4_5gYDPgtXGVerQiApXwKHILeA2-2cvDvf3k0fTQxNjQs8gDRZGUxqb_BXxhNkwpkmiTcBKJWqcaj1FEDdheWr3HkMgR2Rh8GiczRO-UIM7IhaqUbgFZRMVLMnVjgcW8zofnVzuaGdGd46KeO8ltCUkniItq3aEA33KGmZj7FhkAw0V0oHZWPYFUfGbXP62TfBQ0k6StG2Rru3ts6jv74Lwrd_edZT9FIN2nq3h0HLO8-j9VX5om7HGZTjl9RITZbskRkNqgj6bKon0KqXJL9jrpoRafkpozI8zg-d4uhFmUrri5Txyu1unMhHnI-2wLrOeX1ToxkKZbw17dOTKSVqU8_tSd4hzYr_ZvRhJDvtZub4w0X2D2ZJO7Uyx0RDQXKsYVTyctcUEWidO9CUgccS7e3UUmQ1Crrl6bNdYNjY_OccjAvVfj_rCmdkOmvd8y-INfV85CWIM0fvn-5FGYxJ5cXdwZqc1M-7sbavJYC9WzP_GjTTDvr9dhJgRHNFyloq5k7U-dwnEcf_-u_dGChDCVl_C5-ppur6hhPHClysaJLuC33-Rx2-0OSFqNqv9j7fHW46ABkADty_dzaBnOcPbmf0CoqDG3ttZ2WW3HaFbrA2fRxR-JUa8com5NFpzb0CV4AACGqGUwQ1Yh-MIxIs4DuaYtAB92cmbzGXWosdetLUbYIqDogwRfy82T-y1vUDhXcuv0iJK1OTSx01T-qELgSn4Myt-hPSIKCF1Mwsh8cvTEFjU7AC1zjzBqkLQ6e6DDOmx2ymqJ25FbYxQa2iyambrNMKxSgXA3f91qxR78xPEyB-tNUd7C47UVqGBxfwX-5VlbBvawmgymCTFEUVK1S2kXmw&sai=AMfl-YR9bRFXHtqunTsskAYyHAKB8DZeAGYGPGdjYaF_DtRRtTSRNn9_Hj8M_Y2P-_iEz8AZm-606-MtmJjj7eFyaF_cEHIiBaxSkSESQWnv9YyT9McdMaHshYfVy1f2pHBZqRD_I_WnJ0asZirx1fWV2V-xok4tvnyI5uP92C9B7kMClt3gEFBSOC5qJWMEtX5kIrOVNDyxpTJ4UuGr4PX79OQkCnqQCawkFpxiuVk&sig=Cg0ArKJSzOVWQJRGODgfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=576&vt=11&dtpt=332&dett=3&cstd=239&cisv=r20221020.73524&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8622 694 B
702 B 216ms
44ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=112&ttfrms=24&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3ETar9EEADTbpTauTauHHH%5DHA8I7%40Iag%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=14&ddur=280&uid=1666745850466701&jsCallback=dvCallback_1666745850466990&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wpgxfox28.com%2F&fwc=0&fcl=440&flt=50&fec=1127&fcifrms=5&brh=2&sdf=2&dvp_epl=154&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138400723568&btadsrv=6084843041138400723568&adsrv=104&unit=300x250&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723568&splc=/43459271/loc-desktop/wpgx/web/homepage&adu=21957163323&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=20386493095.23025&dvp_tukv=207632120061.5851&dvp_uuid=46395103267.558586&dvp_tuid=149347594432
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 073eb481c88290e44e8898b70c5231a4ab978aeab0f0c79c3ba3c00d83d867c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/25/2022 00:57:30

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9792639194664857595/ Frame FE78 13 KB
13 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9792639194664857595/2076313506083323656

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74689bad3b4f480bc6f076adb9927c63e872f5a1b9c675a92be9a13f9d3cf349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 22:12:30 GMT
x-content-type-options: nosniff
age: 182700
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13576
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 10:45:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 22:12:30 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5944018362684700163/ Frame FE78 2 KB
2 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5944018362684700163/downsize_200k_v1?w=100&h=100

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fcf1ec7d15f923a2bd8f1fa404dab3fbd0fefa2853662de2756feafa26b53d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:27:13 GMT
x-content-type-options: nosniff
age: 48617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2256
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 10:28:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 11:27:13 GMT

GET
DATA 200
OK truncated
/ Frame FE78 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FE78 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1d7aead3cf67e348ecb43be187baf91641cbd15974c2c58c314be2a2f58b3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FE78 15 KB
16 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 115958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FE78 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 361006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B3D 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 289B 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BD64 7 KB
6 KB 130ms
51ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1ca936be9fa069cec3e11e672a7aae97fee9487ecf5b3e7251cde7504f1caed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5620
x-xss-protection: 0

GET
H3 200 container.html Show response
5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A666 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:29 GMT
expires: Thu, 26 Oct 2023 00:57:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E935 624 B
299 B 131ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNXrPV4GIyedPvz_j-GywNNC24BNiZeU5qgJXAEGc4UejYgs7JGJdttXC5cccGa-CIfVlLbS_fiwcO9VSzcs8DS0QLj4RQq3VwWzxZG_ED1WDljX7CjR8X8XqXE8YxVSgp2vjYxN2SCS3IPhRcniOFjy2HI4P0knh_pH1nrzSZOlJ6mh0DY

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:30 GMT
expires: Wed, 26 Oct 2022 00:57:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A666 106 KB
37 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Origin: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame A666 6 KB
2 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2484
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 07:50:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame A666 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:33:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A666 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALX-G91eR1kwy37b19_G1pM2adol73YhYBT4a7JWON-sERBQWpkaBEa_zAfr2RNzTm0moO_0rSsoSD94RpNnJyLQvjZqJ8mjM81JhJrpraohHQ6A0

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame A666
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_m_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

40ms
39ms

Image
image/gif

3.122.30.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 3.122.30.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-30-254.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 00:57:30 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 26 Oct 2022 00:57:30 GMT
Last-Modified: Wed, 26 Oct 2022 00:57:30 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A666 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame A666 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A666 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHfYc6QvUPo5G-S7nWqARTzr1S3NK-16NJqIN6PAxyVrA5Qm2xXAlI04gAlHRYI5IPou9XtE0FiKRrKYokDC-dLAjFRQ
Requested by: Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A666 152 KB
46 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BD64 17 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 00:57:30 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE78 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 52872
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 26 Oct 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE78 295 B
319 B 38ms
38ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:12:30 GMT
x-content-type-options: nosniff
server: cafe
age: 49500
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 26 Oct 2022 11:12:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FE78 0
0 83ms
83ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvZ_i-YVYY9qJOo7r3gP2tpnQDtnalJteroGZgd0Lg-2m__YaEAEguoj7JWCVuq2CtAegAdjR3tkDyAEJqQK17J-Vj7ewPuACAKgDAcgDCqoE-wFP0KQgAss9lLLvLyqeNzVAF27PMuQiw1caXGF-vlHg39OL2PV-mzm4L8nAjae4UPxGtWTjgXqsUiAhnvMpPcksiBy7biUSawPisV4RTE0plM3kSImxC7ivMdN7mHtvna1rta_jCFM0SARMNyN2hSGOGHYJ_glJPUoWvX1QTwi5KL-U0levL9EI6p2OnUspQ3CDQLgR5LzOAJaCfOFmeKP8vNFEYCcMtzbuGocBOC4XqIjHU06fpLHYdEG-ILB9ECWbV1NCTsbgZPO7orld9ZJQ2X5azvzjUrPhicSjRg46siBHQvHnMvWAWXVMUmVLI1lRhULO-UopwF1vvMAExL_wxKED4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5CuoSaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDD8jHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTA5MTc5NTQ2NzE2OTUwM4AKA8gLAbgT5APYEw6IFAjQFQGAFwGyFx4KHAgAEhRwdWItNjA0MjM3Mzk1MTIzNzUwMhiv-hY&sigh=iVO3Cpi2TqU&uach_m=[]&template_id=484
Requested by: Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A666 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
URL: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7072
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
DATA 200
OK truncated
/ Frame A666 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 385d1622c1a6ca44f69f77fc991fc399521b81d5e38e314304f9ad0f890a0ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rtl-logo.png
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 5 KB
5 KB 38ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/rtl-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4564805d189fc95dc858228fda9bb4a8ff5f9b8a89bf3ef017a3454b6f22d0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4935
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 bgImg1.jpg
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 41 KB
41 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/bgImg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf2d222219f0fa8143293c4382346a2e0209ea8625cca06affa5e57499c3774e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41693
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 txt_sprite.png
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 7 KB
7 KB 40ms
39ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/txt_sprite.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96d64925502b87c8ccf116c373e7000ca513558cfdc155e49cbfd82915174591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7415
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 cta_01.png
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 8 KB
8 KB 39ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/cta_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7326f98d6da41a92310756f5a65d902e038e75fd4da578191bcca1dd9f414c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8636
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 cta_02.png
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 8 KB
8 KB 48ms
47ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/cta_02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd860f4dfb90fbae48ce9ef6e3cc624599fbf223402d398a41f5488ffbe19c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8652
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 gg_logo.png
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 4 KB
4 KB 49ms
48ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/gg_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bace81af5d322ed83165faf028303bfcc5553d0b05457727b590cabac3c3428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4361
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 logo_ende.png
s0.2mdn.net/sadbundle/2784116164253232531/ Frame BD64 3 KB
3 KB 47ms
46ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2784116164253232531/logo_ende.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42f89c5e64bfc044c763cfd3cee1dab2afe34c2995abdd2030760b1097c15bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2784116164253232531/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:23:41 GMT
x-content-type-options: nosniff
age: 56029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2703
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 09:25:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 09:23:41 GMT

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A095 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E935
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1

43 B
766 B

38ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNXrPV4GIyedPvz_j-GywNNC24BNiZeU5qgJXAEGc4UejYgs7JGJdttXC5cccGa-CIfVlLbS_fiwcO9VSzcs8DS0QLj4RQq3VwWzxZG_ED1WDljX7CjR8X8XqXE8YxVSgp2vjYxN2SCS3IPhRcniOFjy2HI4P0knh_pH1nrzSZOlJ6mh0DY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E935
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iF.YQybYAN1Vcka0gFQwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2

43 B
766 B

38ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNXrPV4GIyedPvz_j-GywNNC24BNiZeU5qgJXAEGc4UejYgs7JGJdttXC5cccGa-CIfVlLbS_fiwcO9VSzcs8DS0QLj4RQq3VwWzxZG_ED1WDljX7CjR8X8XqXE8YxVSgp2vjYxN2SCS3IPhRcniOFjy2HI4P0knh_pH1nrzSZOlJ6mh0DY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFUUlBBmKF8po0gtCTGUdOs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E935
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBgTRcYISJ6mD8hq11n5_jg&google_cver=1

43 B
1013 B

45ms
44ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBgTRcYISJ6mD8hq11n5_jg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNXrPV4GIyedPvz_j-GywNNC24BNiZeU5qgJXAEGc4UejYgs7JGJdttXC5cccGa-CIfVlLbS_fiwcO9VSzcs8DS0QLj4RQq3VwWzxZG_ED1WDljX7CjR8X8XqXE8YxVSgp2vjYxN2SCS3IPhRcniOFjy2HI4P0knh_pH1nrzSZOlJ6mh0DY

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
AN-X-Request-Uuid: 38a50d34-b789-44a3-bce9-16e6d1f701bd
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBgTRcYISJ6mD8hq11n5_jg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E935
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:30 GMT
AN-X-Request-Uuid: 4624c233-da33-4209-b17b-50d0a171fb97
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1ODQ0NDk4MDE4NjY0Nzk1
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4510298486328660194/ Frame 8FEB 43 KB
6 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5994215d3ce922494a8427a68393a72e2b9ffce3b525f03b780d480fedc92ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 435783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6036
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:54:27 GMT
expires: Fri, 20 Oct 2023 23:54:27 GMT
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A666 0
27 B 87ms
86ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzw-yXSR9qf5YUM1FM0J1Vy7wh_xih-Pk-jChwm7HJZ1K2CUNK6XYWPvr-TDkAZCA28QXUraR1kTejKW_JXbS9LeXP59BvtmRBLOAkBIFcxpUoJ0b0_xEzMNGQvNME2zhcxtlnp0OiJuCuLiP7i_iON7fZGLnyk8-4SdzDGgvEb-zCQo9qNKRi3v5QLcYrWgzqcNdsYb23lsMxrB-1CQd7nQFxjo1oFA0GbY4w8UgiTjnmCO5cRENaKVMERUTg_cx2t_fSl7YhLyQ6uo3-Z4MtfI0iZY3mOQ251-csGfo7Lq64PQVofxctWCzQwW1-M388qYxfrTSEYRLJDT2_f06gaL8xS1zDDo2fdwF3GZeKg1KRPoGtVep2Qphzc3jwPmOT0wQ3RjIbH8zgFnnVEjTmg_YZDWniMIIOrKjCsF6OctB-v686SuoVnFPtrSuu3v-JnkJumD4stO8XkW9dIEFGZmGSxGO6YmdTEdUX4MRGmRIWGlKnMaoVlh4osWka0tqtFK0DBcAJXzdqMhEWayxvrRKVqpUQeVcF2Olx3fYmRZAP23XPyhkzgDR985Pprw5yTrTfMGAlOJVawCuMIfaHnTT7l_tb2qw3oej3MBtwv-dxoAbrkLp4R0m5jf9OHJSVo5j5TDj-NeV694edEXfiV5qglAZSFkKTpG8cz_SrUCkQyoa-ubiMMZsaRqE20ch755YI21U4iWmAySKvuVExCHkP82rtUz4PmDAA--o1fXpAaJIMcIO7v1DpWfPwenzDd2nKG-QYnp9EPeiWbA81hsfH8wXeKhSk9Hc9dfEXfpw12zSdonbNRz2qumynZ7XOgD6Ib3hAUCucNg19ErXHrBjTPhgZnyhVAIua28sD3uFNVi2DLuW0RW8_k8ZkdrkfjKovjcaDOk-z6PcjCJ3eu_CpyvJEX6-cBWoMFDsWctIMBdNKRndz0F5zroef2P8pofw7jPbmMOrZlibG61W6iQ1GN3J0tx0O_Izm1ZMvrU8juQLnv1w9bN6HYQDou7p9waE0LDsnK7hEfpk5BZsvV8wJHflvZONC4cKEOO9lPGzRg5fpqGzfCkE9P2zD5re4IdStiZeexItuPhUIqHLicNp3jejfpO2os2QsA-mNOIARG5MAu28IeaQyJt6cHhobXh3L5hBXqCK-doSWM0Mq6DLH2EGPkom7Y_ksUSU_mOasIB2mMPqVvnrhd9-64rUfNYER6NJxgHJCkRjVwxXSYfStKMgheUfLvxxovTnwynFTchPd0DvqNoY&sai=AMfl-YTgoDI9z7Z8b-mOPbRF3AXJC43hXtF5TyQXYVGeadC_hAtcyIdBqvGRA_LRnYJTQ91Qfejx5fuHNFLNlJewSddySNbgbNsimfuK6TV_1RzLdxpuiWTmKwNLfN3CpZTuooC26Os0EfbjWTiGNAovcbE5f3M4_8UZA8LzQwtQBot7gnCla1SlYtc4w7RQzZUcgRfifxMbtDtkfDo5_BRHI8FEJ2nJTuQicsEWKKAld7TN22CTXjG-zXgceptHX8HC5IWQ_huZCjXBkQxYQlDIt0tsIHdp_vepFntk_fSAAPwxyDH3D-3LStqoTHxirys_sAExtX7N_i8FeX30u52fUu5mMXHwl09VibWi3yFUTYi-oSbmJoANO8-LslfDG9CiZdquuf__RVI1ZkNtchrkT_dDlE6T&sig=Cg0ArKJSzFlJHsT8RwMiEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=200&cisv=r20221020.78632&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2890 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 25d643d4b8750bdc341b34f7c06486a7.js Show response
s0.2mdn.net/sadbundle/4510298486328660194/ Frame 8FEB 65 KB
17 KB 37ms
37ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/25d643d4b8750bdc341b34f7c06486a7.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ea394861b4fa43c3b873a418272ddc3f5844d2b179cb74ee55ae2b15561d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 16:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17306
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 16:18:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B3D 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZQqO-YVYY5jfL42g9u8P3ce-uAMAAAAAOAHgBAI&bg=!MzClMHTNAAaaxvStusY7ACkAdvg8WtTaHy2vZQs9IA-2vChxfz8GmFqlw-F1VNhxlwGKCFpfrJfXNgIAAAExUgAAAAJoAQcKAHPDUtDORRJZ2nR34FDcYabhL_QoNRTlAFEiH0pi9AHiGxUwXl_v5vKJBcjk1BApxRRRdvKjAa0j_UD7r_DZxAnrGlB2oOd80IqUdf5FBFS-43Pz7riE25Q60ax6-5s44VhGBreprmk_Jrh_JC8S2YY3iFBWmQLsho0JVzIE4TRQQ1LPt7tsvl2p1doIQGvToNwvgi-j3hyRtWggENwoXMPX6Dpdt9A1FcQg4bsUZnDiAaGuMpVWq9RCeGq4n-szb3y_fsESOhpDUGlot7734eqHJAIH-Ln0qPRaRsfUpgL4tLZkXdb0aPePOQsj8x4eVkgPGy1S2eVVnP5hNotq0w1TiWpL0kT7LHEf_wiVwckkW7VckZKbK3GiJ4HdQwquH0rg-Jyq8LEWnOlwyAM_1koDBWKTqaOY-U_jquVIBeI-duwuMlpSENfDC64es2Wz_yzSew_GrB0K9E6OJdGujRBypCLdur1g3oiOeWvt9NdIkEqk6F0xi_I-l6GSZxaKpjIc5qJfsm3Wx5xiWHqwIPzhSekOzZWrHPgFu63QytXOb-SGRUHMk8e8ywmEV6AyP1ouIdHUv5l-DHl_58hIF5lQAz5J48ryQXqhjpBb4YTBydTEtgxRgALnz18ienQExoJ33PdUKhWhaaTK5VcCKpmaFvyeE0LkeagzDvnSwH74R-FSsF_P_YaR0Xv3DA6UN4Nv1q9VHVtrTFURSZdqmTFztdufT_1ATVrhDuCfcQtW7kbbzFG_9wiDy4dqEOvi_ra5hyR04mMvtsRi1jiAlneBIPPJhzFVrIFPclgLUo2r6hpxouSJJ356A5jm5Gu3FTq5n7b_ZKx46SB4jrdjczpTx7UeGMv94i6Ko8eFekBLR5GTuB6exh9vxRHIVNzvbBQp9j25tkgHit5BtKpXzZnItNGKhp_hWDg9al8bv8X1bxVn8Ny-cJSrsyPteX5sKuWSjrVqEvX7N9F53ud3czKDc2mIpX9Q8g6d-AnAUlVe07JUIm41tGbcfupxorP_jfnzzVhFGDc0QxDcse_7uamOZRgKERbbaj7WQAOn1vUfEBPTc9DZCy6xX4JkFCowGzZWa1RWd5Imu4K4kjohX6OZMaTaxWHsRcfShuEGaaCoqDEYpd47BAwSbRbotvRyN6HNLQ

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 289B 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsheS-YVYY8qlMLu89u8PyJqq4A0AAAAAOAHgBAI&bg=!goGlgcXNAAaaxvStusY7ACkAdvg8WjgzQURgNlSMInJG0-Ut4zzcUPqSPCmumLQGk-sKkUECH4Y4nAIAAAEqUgAAAAFoAQcKAFrwA1ujuJylqQ6tdfxd2YGXgOtuwX7MpPj3_IlHmmUmMuUi7-tBcnmlu0SYU9jGfOCqTuGHGFzXzBn7_HI3OA0fWXKx9agXa44MFpZWVhRqb0te8di6iIlVY22ZAu4UJGRR-CHIiA3vmGH9q0KR6F320WzygrlQht26Ua7iig_M9MJryYFHM__oDK7bnMmbGxdUvFZAc2WZJzjYaMFiDTq4w-oJgPcLIFAuohaOC2mo99c2nbw3CEvecK7oJgCTmG9SQLbSfz7aedQZY4DY4DBBmfszIci4NQ83W4suShiyC50w7b6s68wldq0nYejFXQRKnNmEXD0__xpTTWHI7mM69bPWKp2HL2TlRTIX24i2DPJ_KXFPOhlJuzBst51cpBIn1kA0Tp3U6zlV4zCgemYYZaZUKykB7RQjeYS8U2D-EQERo5uKlH1Zr2HIiiteZncQp3ci2H5pH7sebqolZfDOACyqRv-XVJU6NcktMFzvhxRGoPb1KTBI8aR0R6XOXw332YUmo0RP5doOwSTpJYi6rhqf7AuVAdTaZah32R0U9-MFqWE3JPkrZHwyPeVIFeh8b4dfarudDBwBxj08czj8IALi-tEXuyQcznuwcpTMiiVeUz8Ik17h6ZyYc6BVOcWwNrN47vX3kZ4xLr6YLXO9ZWzbpS3QrPOV7qvzEreF3AmZ_6WD4kj25ShLmEmvD2zZ8xuuaSzycZsNkof5zBG8puUWAeP8KRB99JjQx2A4kK3WW5-zxCun-hVxf_zQNwD69j8W9AAN7DHiliSrpBOJrQPKYPQUZRKzwx6pwoyttLCQAuDXLlcGwnW5-vRJdyzXJAj4xk-EF5Gnr972yajjvuVpWqXswSfXZi50quCX208YCDNKA-NnraZORkjwWbo9PzBqciwFgWdRZNV1i-TnBwkyvXHq37F_YEKB78ghipyQWXt-ORUCVlQ2bP-TJ-EPLDIafaUrca2IxoOeca_O_hnPTghtGNotsDXzI6YP7YBQzQtEPIGmLUWp0HywMpi0qNRoFUBNtE-P1LYxsH7VdSO6d6JILs98S_hlS7j_jiL7WdZbFDa76KiuC_LUwS-XhokXSMF_41P7PjT44lxaxvOalChEWtV3EEY

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2890 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 200 d75c353bc94b9456a0ce22058f1aec3a.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 3 KB
1004 B 38ms
37ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/d75c353bc94b9456a0ce22058f1aec3a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b30cce057de74fed13268b871654f8eb37ab0a1b8cd2a0bb3cb4429b773fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 968
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:08 GMT

GET
H3 200 cd146b9f541a4bb242933d337e045691.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 2 KB
758 B 44ms
40ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/cd146b9f541a4bb242933d337e045691.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

971e07373632d9069a454ed1df5ba4ca1fc498c71e8671efc703c4a1c629a658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 16:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 16:18:37 GMT

GET
H3 200 8a02fb99c4d46def425df2a059744d54.jpg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 5 KB
6 KB 45ms
41ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/8a02fb99c4d46def425df2a059744d54.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8fbc5a9caec37d18b906c89b9a26f99abc3a1f680536a4dd8de4e10dc1a5844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:53:45 GMT
x-content-type-options: nosniff
age: 57826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5631
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 08:53:45 GMT

GET
H3 200 d53c5beccc161ce0d8d820dabd473915.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 5 KB
2 KB 46ms
42ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/d53c5beccc161ce0d8d820dabd473915.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0443cfa5ac5756bc2aebd73590af9f24cdab4d5d4534cc2ff61c990076e9e024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1643
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 23:27:57 GMT

GET
H3 200 60e58b4dcb814e224a5748e8fa30e571.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 1 KB
539 B 46ms
43ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/60e58b4dcb814e224a5748e8fa30e571.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab421e53d473899e77d33cdba4374960b10d0e89ea7cb8c8c961c7c25ecd9b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 16:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 502
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 16:18:37 GMT

GET
H3 200 e68a1d219dd1fc92e2a7acca1b077bb6.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 4 KB
1 KB 51ms
48ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/e68a1d219dd1fc92e2a7acca1b077bb6.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c78ab7bd16597971a5f828e35fe7e2433759a71db0474617aec3e0b13860981b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1429
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:41 GMT

GET
H3 200 a01de4256526fa25b5a4f8ef982c863c.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 1 KB
612 B 49ms
46ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/a01de4256526fa25b5a4f8ef982c863c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6986324e5703b8e839b81e2b221214f286ae020bf5d4125fd0ad81b395d5e924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 575
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:11 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 8 KB
2 KB 46ms
43ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:08 GMT

GET
H3 200 8fe2b4994050fedde07fd3a0ae1eaaa5.png
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 2 KB
2 KB 51ms
48ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/8fe2b4994050fedde07fd3a0ae1eaaa5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf90fe7c9ee9bf8b341652cbe30c2565cc2457cb1fced28c0c73a4116ecfc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:46 GMT
x-content-type-options: nosniff
age: 115965
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1761
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 16:44:46 GMT

GET
H3 200 d4759bcbd6e2fc771310419f7fc638e2.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 921 B
431 B 48ms
45ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/d4759bcbd6e2fc771310419f7fc638e2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf6723bc6fdabc360afa8360ff6fa68bbaf5678344c2ef5367019c1c68f9e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 16:45:07 GMT

GET
H3 200 be2b5c351419b2f7c03f69e7ec92ff4d.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 765 B
460 B 48ms
45ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/be2b5c351419b2f7c03f69e7ec92ff4d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5747c3811adc4308396178b6d5133ba0a3d1fbf75cb34408516070f334328020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 16:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 423
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 16:18:37 GMT

GET
H3 200 563d35e070b536fe99ac6f90cc143021.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 262 B
227 B 49ms
46ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/563d35e070b536fe99ac6f90cc143021.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f824255471c27fa4d1711fb3dc95cd1abb01d4267cddb88a80da9de0ad9e568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 17:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 17:43:21 GMT

GET
H3 200 73988a98035f294ce561ac3c6488f805.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 92 B
139 B 49ms
47ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/73988a98035f294ce561ac3c6488f805.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dd9a76ff0add20fe040cd2b9872bbb785772e2feed27e23827ae453cde16095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 23:27:58 GMT

GET
H3 200 e0b5ed40951c443f4f8181ef6b82db67.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 3 KB
1 KB 46ms
44ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/e0b5ed40951c443f4f8181ef6b82db67.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e024155111f5d48fb4953f9369af6afb3a16555e041365fb4003ceca6beeef8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:08 GMT

GET
H3 200 d306cc2e632a2c293a449b2cc2ba23c3.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 768 B
444 B 52ms
49ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/d306cc2e632a2c293a449b2cc2ba23c3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ec91eed6b7384c279d885718b3bcb51a0d3a8d8d888359cbe146ea12094212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 406
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:08 GMT

GET
H3 200 7b078ae01737273e0d52d33c33c12a7c.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 586 B
386 B 51ms
48ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/7b078ae01737273e0d52d33c33c12a7c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02327771952d4f6507fed23540dcfadd6288000cbca2af5f1d7d793c8909b304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 21:04:08 GMT

GET
H3 200 0cde5efc0567bcab21474422961ea657.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 904 B
409 B 50ms
48ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/0cde5efc0567bcab21474422961ea657.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4076cd760ba035ee9d326f3a1bf9157dfeac50fb058a9aedfe53b2fd10ad91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 22:14:26 GMT

GET
H3 200 e2b684e2986ea6141e36de2511a816c1.svg
s0.2mdn.net/sadbundle/4510298486328660194/media/ Frame 8FEB 1 KB
636 B 51ms
49ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4510298486328660194/media/e2b684e2986ea6141e36de2511a816c1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aca9d549981e9a27a786545ba75fed3bc70738752aa299e95af6669f199464a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4510298486328660194/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 598
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:10:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 22:07:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C841 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufSZwLEHnKW7WvyP6erp9Rc4c-QisM5Ti-mMNxlJF5YOeA8tA_vMPD3oY9116tNHJ31phxbtODKrFxc5OFF4mIx8ovxhXTypgsfunDHoGv-RW8ohbSbgu6M8d4zRwNQIRcrTDaeoo&sai=AMfl-YRHQ1qGy_NeJBqyB7r4dVywIbySG9iJ7wmdcmNovTgNGXBZgdzSkDQSkdPAS3Y6XA0dS78FuQQLipMHBmc2HiymGWB9lUT8POhrhXn6r3Bkj-lC4Xgq-sIaaftW-QXcHQ&sig=Cg0ArKJSzCk5mUjpkqbyEAE&cid=CAASJ-Ro4QqAsCoSmZClYGwEw6Uniwbxl43UDzbINQl7uEgloYTJB4Zpbg&id=lidar2&mcvt=1022&p=160,436,250,1164&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3379187505&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666745849662&rpt=367&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A666 0
26 B 76ms
75ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzw-yXSR9qf5YUM1FM0J1Vy7wh_xih-Pk-jChwm7HJZ1K2CUNK6XYWPvr-TDkAZCA28QXUraR1kTejKW_JXbS9LeXP59BvtmRBLOAkBIFcxpUoJ0b0_xEzMNGQvNME2zhcxtlnp0OiJuCuLiP7i_iON7fZGLnyk8-4SdzDGgvEb-zCQo9qNKRi3v5QLcYrWgzqcNdsYb23lsMxrB-1CQd7nQFxjo1oFA0GbY4w8UgiTjnmCO5cRENaKVMERUTg_cx2t_fSl7YhLyQ6uo3-Z4MtfI0iZY3mOQ251-csGfo7Lq64PQVofxctWCzQwW1-M388qYxfrTSEYRLJDT2_f06gaL8xS1zDDo2fdwF3GZeKg1KRPoGtVep2Qphzc3jwPmOT0wQ3RjIbH8zgFnnVEjTmg_YZDWniMIIOrKjCsF6OctB-v686SuoVnFPtrSuu3v-JnkJumD4stO8XkW9dIEFGZmGSxGO6YmdTEdUX4MRGmRIWGlKnMaoVlh4osWka0tqtFK0DBcAJXzdqMhEWayxvrRKVqpUQeVcF2Olx3fYmRZAP23XPyhkzgDR985Pprw5yTrTfMGAlOJVawCuMIfaHnTT7l_tb2qw3oej3MBtwv-dxoAbrkLp4R0m5jf9OHJSVo5j5TDj-NeV694edEXfiV5qglAZSFkKTpG8cz_SrUCkQyoa-ubiMMZsaRqE20ch755YI21U4iWmAySKvuVExCHkP82rtUz4PmDAA--o1fXpAaJIMcIO7v1DpWfPwenzDd2nKG-QYnp9EPeiWbA81hsfH8wXeKhSk9Hc9dfEXfpw12zSdonbNRz2qumynZ7XOgD6Ib3hAUCucNg19ErXHrBjTPhgZnyhVAIua28sD3uFNVi2DLuW0RW8_k8ZkdrkfjKovjcaDOk-z6PcjCJ3eu_CpyvJEX6-cBWoMFDsWctIMBdNKRndz0F5zroef2P8pofw7jPbmMOrZlibG61W6iQ1GN3J0tx0O_Izm1ZMvrU8juQLnv1w9bN6HYQDou7p9waE0LDsnK7hEfpk5BZsvV8wJHflvZONC4cKEOO9lPGzRg5fpqGzfCkE9P2zD5re4IdStiZeexItuPhUIqHLicNp3jejfpO2os2QsA-mNOIARG5MAu28IeaQyJt6cHhobXh3L5hBXqCK-doSWM0Mq6DLH2EGPkom7Y_ksUSU_mOasIB2mMPqVvnrhd9-64rUfNYER6NJxgHJCkRjVwxXSYfStKMgheUfLvxxovTnwynFTchPd0DvqNoY&sai=AMfl-YTgoDI9z7Z8b-mOPbRF3AXJC43hXtF5TyQXYVGeadC_hAtcyIdBqvGRA_LRnYJTQ91Qfejx5fuHNFLNlJewSddySNbgbNsimfuK6TV_1RzLdxpuiWTmKwNLfN3CpZTuooC26Os0EfbjWTiGNAovcbE5f3M4_8UZA8LzQwtQBot7gnCla1SlYtc4w7RQzZUcgRfifxMbtDtkfDo5_BRHI8FEJ2nJTuQicsEWKKAld7TN22CTXjG-zXgceptHX8HC5IWQ_huZCjXBkQxYQlDIt0tsIHdp_vepFntk_fSAAPwxyDH3D-3LStqoTHxirys_sAExtX7N_i8FeX30u52fUu5mMXHwl09VibWi3yFUTYi-oSbmJoANO8-LslfDG9CiZdquuf__RVI1ZkNtchrkT_dDlE6T&sig=Cg0ArKJSzFlJHsT8RwMiEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=425&vt=11&dtpt=223&dett=3&cstd=200&cisv=r20221020.78632&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d72f81101878074af5566ad510135a533f9fa172a29e64417616e29eee34724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11164
x-xss-protection: 0

GET
H2 200 19479410_G.png
wpgx.images.worldnow.com/images/ 66 KB
66 KB 203ms
202ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479410_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1ee10292e6328c4e0a9e64c0eefc31456b216fe58e7bf94ce347a3d35e8db6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 67760
cf-resized: internal=ok/h q=0 n=9 c=45 v=2022.9.6 l=67760
last-modified: Tue, 09 Jun 2020 16:42:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfcosGtvoE6i9NUW2HILfiRA:7abf5cdf363221b3d278ec7ee87b4195"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d018f24927a-FRA

GET
H2 200 19479412_G.png
wpgx.images.worldnow.com/images/ 144 KB
145 KB 154ms
153ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479412_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb7ee02a42c7e43c2b4bd98eb5a1f03bee61cc33da050507ee2251724670766

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 147923
cf-resized: internal=ok/h q=0 n=10 c=27 v=2022.9.7 l=147923
last-modified: Tue, 09 Jun 2020 16:42:21 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfdPuZ5iiPsQcELZibU3OTVQ:0d8c7c54f779e2c0c8f4dfdf98327c4d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d018f25927a-FRA

GET
H2 200 22945412_G.png
wpgx.images.worldnow.com/images/ 91 KB
91 KB 173ms
172ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/22945412_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34c08596a05648761e7c8ce459c1dfdb8e241d6d29a669e9db29335a8354f9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 93338
cf-resized: internal=ok/h q=0 n=19 c=35 v=2022.9.7 l=93338
last-modified: Tue, 05 Jul 2022 13:20:30 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf2AwkU4yZgVgS6-c5thNXfw:39cc48d078e3bed1c9914ca569d88e23"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d018f26927a-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 00:57:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2890 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTQwa-oVYY8iHE8OirATF_p0gAAAAADgB4AQC&bg=!S0ilSAzNAAaaxvStusY7ACkAdvg8WrHRZvJiVJ-3Pqz8uSuaCjTq54BJRBaHb6254WEj25P2SKDdxgIAAAB4UgAAAAJoAQcKAHvwLpu4mvF8dOO1CH9co_AJI401RsOgAxgj4TXyB8lLw1MauOc_zoqh5ud5dSLEOmt8eD8izByF9foNX8b4yungGHjgTWT02PQz7WopB3IfKawQVzsCJSqGdq5fXfTOhrOEhkXYChiTF5h0Kn69ZY1t5QMjhKjxfxkKsVCZAvioVtAGj0M_Fv_-2e73UnC7xaPyhn0TRhzT03aC0H8KTpXLbhIeeowswwT0IAXxWqJAxGxhxNlEPncQhmdD_4ujBtrMhojiWVGqCe6AkDNr219zEICV3eBcPgQ1GIFnooRt6EgVwxjGoAUQvqwC-dOvuwiMLwnoBrFVlNjcBG7huFCZzFd1TKON7q3kQ-yyBxN9pa1Dz1IYMvK3ROFn5Sf61ijbp3zq7GKAb8EdrjAvyGM6tRh0jRkONwad3OlD7ocR5OKgSZtYKe1U4zY1oMVaSdcIfwl-QZA-HNkhsrAxW0hq4hPVIqbpbEV-xcQMx-kEfc0yZv6VvvcJBbSLlkMn7ntOxjwvzsfhnhSplPMR_hKs1Y2Hh3yrYItVI8CelIoghkcjW9kWWUPVuODcdF_OXoj8lL8tH6Uz148VgP7gAu9Jc4waNQJ06p7nhA61bK9qG-LGs-GzFVqUX1ZmxFpRznQ9zoWYxeg1I2MSYN9bbHiBT8MsjjK2KrH6vcCIkRDOdCykBSYMGWwEBtce7xOZui85M4iKA8ZLrQoOMpj_nwbDn7FjPxP0ir2z4AI1czEWszirYgRHGxUHCSvuOHbdX0H4e8I70JbWnHU054VGp0Mrt9Zc0MPKATz7de8CC_l4Mj40XxoijL4pp4Gz-pLhSWSmxhnkz3IWDjG36M7PlkzM_QZHiw6vHlSjmJ42aCo0Q1DfA9N4uN7mbg9p3HzeYIE8BD6I_cLzpveRF0Vkbz_DIohkmhzYOwl8m7yq10-mmUcwbsJUV_aCqFDRjvmRS9X3m3wd4WsVvUfL1OgxqBb95hCNP4xDjMNy1Bz1Bj2TMiWjWOf36hF11YezSROAcuvP7O04Mq5bJXUuX8WA6Gpum8CJVDbtxwjGatV0Wkv5JaqXF4sQjvMDWUTjIJicp0LIvylnQ_-iepyyA3_i7TqyC4r20KJPuEcMUuos3LYm1vnA-lLyHcELHFQS_pH0PCfNGqPlBpJbB9R35bWhYUPaGzkXmZlr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABF8 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:08:48 GMT
expires: Wed, 25 Oct 2023 21:08:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1713 783 B
535 B 49ms
48ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

774ea5c187b133d8a16488acbe01773bcf4985a6dec8ca8ad5c536bfd07a5f37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-86MqSOjlq06oNOKylnquTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wpgxfox28.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-86MqSOjlq06oNOKylnquTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 00:57:31 GMT
expires: Wed, 26 Oct 2022 00:57:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame ABF8 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1713 0
0 70ms
70ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=4346593077601805&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ABF8 0
11 B 37ms
36ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a2flJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 22966020_G.png
wpgx.images.worldnow.com/images/ 68 KB
68 KB 164ms
163ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/22966020_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32650a9b093f28dc490abf5176328505a04ee788c754f3a1b9a73d66fcfe8a8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 69455
cf-resized: internal=ok/h q=0 n=14 c=25 v=2022.9.7 l=69455
last-modified: Fri, 08 Jul 2022 15:50:38 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfG0HvZ5ZIqxyXK5uGSL1asg:ece14f95fdd13fa1b7576bd968937f7f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d0348d6927a-FRA

GET
H2 200 23010093_G.png
wpgx.images.worldnow.com/images/ 136 KB
136 KB 152ms
152ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/23010093_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17985959910799acd222feb28e36d3a95e0c147fe60f84357fd1858258f5d9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 138785
cf-resized: internal=ok/h q=0 n=14 c=28 v=2022.8.4 l=138785
last-modified: Mon, 18 Jul 2022 15:01:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfpwFQXbVrUGiq_aIskkweFA:77b69c44ed8ff649c29adf498775d93e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d0348d7927a-FRA

GET
H2 200 23424443_G.png
wpgx.images.worldnow.com/images/ 95 KB
95 KB 148ms
148ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/23424443_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc292134380271405ccac0796b2499577265795b812f138812b66c90d7d843a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 97198
cf-resized: internal=ok/h q=0 n=21 c=43 v=2022.9.7 l=97198
last-modified: Fri, 30 Sep 2022 13:00:33 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfEssTN45z398XQQlR17EYiQ:1d5df1c886a6690e38d7e5c953ade88c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d0348d8927a-FRA

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/ Frame 4936 1 KB
456 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:47 GMT

GET
H3 200 txt2@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 3 KB
3 KB 37ms
37ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2605
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:44 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 3 KB
3 KB 39ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2903
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:44 GMT

GET
H3 200 disclaimer@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/disclaimer@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1713
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:44 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:44 GMT

GET
H3 200 bg2@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 32 KB
32 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg2@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32877
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:44 GMT

GET
H3 200 legals@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 4936 6 KB
6 KB 40ms
39ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/legals@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 08:00:44 GMT
x-content-type-options: nosniff
age: 493007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6340
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 15:58:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 08:00:44 GMT

GET
H2 200 resources Show response
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 852 B
610 B 163ms
163ms XHR
application/json 2606:4700:4400::ac40:9409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32320

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9409 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7c1de6b2bb9ee948c65a78eb26fba42e3fcbcb2d1795622eafacccb94ebc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wpgxfox28.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 474ms
server: cloudflare
etag: W/"354-PhLy4kJgStLmQ/TRPeS6YWGy8T0"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff3d05ec019c10-FRA
expires: Wed, 26 Oct 2022 01:00:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=4346593077601805&bg=!4OOl46fNAAaaxvStusY7ACkAdvg8Wselhh5_7nTkOwCah9pAF4ziy1IvIzHj0jFpqIkimD_KXVyJ7wIAAABJUgAAAAJoAQcKAB-XIYetWHUFNHe34zYnsSSOutGyEb2HJhZPsQFx3pZimQKhEcv-lr6p13MA7CsxwQml9-4UzmpAVmB94Dt8ZIl2QUovHajruFyt08RwUHIBZYZkfPa8TCRoTelU7qsxCkVEWw_yKedlOzS6iSi8Ne5_N3tSAcxygDHiJ7L2xbPhSD0swHEjMscwuMwWZKKFrPxoWJIEqgBysIFf2R6n94ivXUUnYvDgUoHGAjMI3YSlxG7vFgjTIMu7a76rNyDgl9SveqJACjkcZQJ53Itr6ka8XzvqHZ0Zwcz57RAhnDUgL9KMyWuJK00FrTQOqX2bJdN8EkQ2aDBfAKcNbhTQeM3nIA4882m0pYk8lNF-kwd_lD9YVD5yKz_MfP4y6WuO74PP_d5I0ucYUGG7uTFfxw2IHdvZTWMBefoA3yGx2wWZZbzP5XtGe0FvYFYTOzJQrDpQmc4wIlOurbryNFvhM4MJhkVFqg4GsQfxIlTALXgSjVWAyrPG5unf7TxO0nc46H1DChkAusXLTOStiDWTuYKgYXyaMP0lhLJ4Il2IgHxhlb_dj1dIRJo1fJKeiAgX83MDHF-DzTOBa8rQE8ugoQw_bR8707Wl9kKTr946TMeTlx0deN_jA3bo5l_hHcIEY4NU3TYB8rLxW4XBIJO2fxU4MghPeC6xd27Xqheu7muUqu8fDfQ1kIOqWU7rAH5tdcM988YNw84EsPdjoW1mhRJJSfnnPipFKFpQ-G4jBviWX2yJetALUX-W7e46u_eapPpqBKgwaLQqSUycikrXV6ekKe0iKNg1bGBnKW3ZwiIQzxXCa5D4iSLawvlsHRD5U3_wkzONkp6iwS3LOTVH0dU-S6wSiTNC5NIiYiYFr6aVUd2-yEZQUKodhZOq2V54e46Is3UCvttb3oWfWGRxp9q3npnE_efOJjIghpi4WimzCv4Zmw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A666 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ3i7y7HT7GX-98EPnbXHn1u0kId3oicQq54vW9yQc7SB1I3maJNRz9gkH__G_F9k0eySpK86DJPcEZvF8tD6R-76NXoFQ-N5IwqFN14sD71x1UfPlvxeLJbQCyygw92blKyyC2Ec&sai=AMfl-YRXIkdOpVsKFbD6dH1O1M1AIa58v3tJv0uUJAjyIwviLKrN0OZ_B4GK8gEzUQ4ZgusnQIGAOTMw-yU40e-eDICYttjLowptU6TnaGGmgFuzxVIl6IvMdXEa1vt8wTttsA&sig=Cg0ArKJSzIiFVSNQuyw3EAE&cid=CAASJ-Ro8PA9JlhjFDFsWplyF_iTp7PziRTuaCTr4ShWXTDHOJIousjwAQ&id=lidar2&mcvt=1000&p=990,256,1098,984&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=3909097108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666745850573&rpt=403&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 00:57:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 19479412_G.png
wpgx.images.worldnow.com/images/ 321 KB
321 KB 163ms
163ms Image
image/png 2606:4700:4400::6812:2776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpgx.images.worldnow.com/images/19479412_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2776 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b73c055fd5a37e9ab84a5dd3f0e2384d04d6a299e156eacca96c7724599af2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 00:57:33 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 328440
cf-resized: internal=ok/h q=0 n=67 c=6+206 v=2022.10.4 l=328440
last-modified: Tue, 09 Jun 2020 16:42:21 GMT
cf-bgj: imgq:82,h2pri
server: cloudflare
etag: "cfFwhFQ01DS4BM3kxwHNSVQw:0d8c7c54f779e2c0c8f4dfdf98327c4d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff3d115e75927a-FRA

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame 8622 0
229 B 116ms
39ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=b79354d17530431286300a4557f8c1b7&gdpr=&gdpr_consent=&vdur=216&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=280&tetms=10&msltms=88&vltms=216&sei=289&vetms=81&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8648&msrcannum=4&ismms=31&isumms=31&nvr=2&isgmmims=31&isgmv4mims=31&elmtp=3&isbxdms=3031&b0=3152&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3152&sftb=3152&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=30&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3320&cbust=1666745853765446
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wpgxfox28.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 26 Oct 2022 00:57:33 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/25/2022 00:57:33

GET resources
www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.wpgxfox28.com
URL: https://www.wpgxfox28.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=32536

Verdicts & Comments Add Verdict or Comment

390 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wpgxfox28.com/	1970-01-20 16:35:05	Name: _ga_L9W7PFFC9X Value: GS1.1.1666745848.1.0.1666745848.0.0.0
.wpgxfox28.com/	1970-01-20 16:35:05	Name: _ga Value: GA1.1.414358824.1666745848
www.wpgxfox28.com/	1970-01-20 16:35:05	Name: _lang Value: en
.wpgxfox28.com/	1970-01-20 16:35:05	Name: _ga_frankly Value: GA1.2.414358824.1666745848
.wpgxfox28.com/	1970-01-20 07:00:32	Name: _ga_frankly_gid Value: GA1.2.498489575.1666745849
.wpgxfox28.com/	1970-01-20 06:59:05	Name: _dc_gtm_UA-82494642-223 Value: 1
www.wpgxfox28.com/	1970-01-20 16:35:05	Name: _ga Value: GA1.1.414358824.1666745848
www.wpgxfox28.com/	1970-01-20 07:00:32	Name: _gid Value: GA1.1.179516290.1666745849
.doubleclick.net/	1970-01-20 16:20:41	Name: IDE Value: AHWqTUkec6e7hFOz0wR3ZhPDDDc83cMJFGLCqz3euVEycvOAvTrgO-8Uy9qEUBIO3So
.casalemedia.com/	1970-01-20 15:44:41	Name: CMID Value: Y1iF.YQybYAN1Vcka0gFQwAA
.casalemedia.com/	1970-01-20 09:08:41	Name: CMPS Value: 5153
.casalemedia.com/	1970-01-20 09:08:41	Name: CMPRO Value: 5153
.adnxs.com/	1970-01-20 09:08:41	Name: uuid2 Value: 435844498018664795
.wpgxfox28.com/	1970-01-20 16:20:41	Name: __gads Value: ID=48ca3706d570a0aa-22548e8f57ce00a2:T=1666745849:S=ALNI_MZPuGSwfJlhPu6PW6JBnqu7pvpHlw
.wpgxfox28.com/	1970-01-20 16:20:41	Name: __gpi Value: UID=00000b786ffea2de:T=1666745849:RT=1666745849:S=ALNI_Mau8LQI_Mn-xt_NhTru_AKLR67q2A
.adtriba.com/	1970-01-20 16:35:05	Name: atbgdid Value: c7ee40aa-ad69-44da-a4a5-44e8ec491489
.adnxs.com/	1970-01-20 09:08:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlbvR:rF!]tbPl1M>e)ZlrFUfJ+tGXxo@L>YpUYmCtzAl!_S:aUQfWs[VUb#pR?<%lmsbpRzqF1`b_te1E6)

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wpgx.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 25) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wpgx.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wpgx.images.worldnow.com/interface/js/WNVideo.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5670624821e1aba90e41def4eeba6006.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cntsyncont.images.worldnow.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
d.adtriba.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ftpcontent.worldnow.com
ftpcontent6.worldnow.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
ngw-static.franklyinc.com
p.cityspark.com
pagead2.googlesyndication.com
prsubmitpresslifestyle.images.worldnow.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
stacker.images.worldnow.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
wpgx.images.worldnow.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wpgxfox28.com
www.wpgxfox28.com
142.250.184.226
142.250.186.98
185.80.39.216
185.89.210.20
20.60.81.107
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:2776
2606:4700:4400::6812:2862
2606:4700:4400::ac40:9409
2606:4700:4400::ac40:94e4
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9a
2a02:26f0:1700:6::17d5:a191
2a02:26f0:3400::1702:d13
3.122.30.254
34.149.12.213
52.160.40.218
01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7
02327771952d4f6507fed23540dcfadd6288000cbca2af5f1d7d793c8909b304
0443cfa5ac5756bc2aebd73590af9f24cdab4d5d4534cc2ff61c990076e9e024
065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
073eb481c88290e44e8898b70c5231a4ab978aeab0f0c79c3ba3c00d83d867c8
075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79
0aca9d549981e9a27a786545ba75fed3bc70738752aa299e95af6669f199464a
0adda642d06c3b2804a96604c9edef761749138422b773baddb31afbe7ce4d9d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eefe24ed707481bab58e40772003877fbad3b6776a384ec3b34c0a8ee1ca96c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
163698cf1459a288c891aacca7071b4ae250795571e69e7edcc87c23db592256
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
180f707c73f1687a2da87466d7497c011fceaec6bca87a884eb9077e1b63465f
18b30cce057de74fed13268b871654f8eb37ab0a1b8cd2a0bb3cb4429b773fb8
199e5795b09dda994fd37e7c1c711a4385628fceb25dfbaebc19d0d587e80040
1cf6723bc6fdabc360afa8360ff6fa68bbaf5678344c2ef5367019c1c68f9e39
1f7584acdcb0fd7e3be17c0558206be07649635809195eb398eb82d656521deb
22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd
23ec91eed6b7384c279d885718b3bcb51a0d3a8d8d888359cbe146ea12094212
2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263fe17941fdb86c0b01303a036e725a175c9907ba49d6f8850071a3c7fa6ae9
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2a353068500fab1b39e616d29977da5f178861bc068eaab953e0a7d084e2299e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb7ee02a42c7e43c2b4bd98eb5a1f03bee61cc33da050507ee2251724670766
2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71
2d4afa0a24169b3e5bdda3d225f34733bd60896b31c5e52673df646bd35bfdf0
2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f
32650a9b093f28dc490abf5176328505a04ee788c754f3a1b9a73d66fcfe8a8c
340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
347c2c24c363703d235017e248660e4def4455dbfcda3f52c1ed6cc16fdfec36
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
385d1622c1a6ca44f69f77fc991fc399521b81d5e38e314304f9ad0f890a0ca2
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
4156f57c3080b420ebef3ed8d5919f91359e998ee9a1aeadce9aa5f3f53a5d4b
4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86
4564805d189fc95dc858228fda9bb4a8ff5f9b8a89bf3ef017a3454b6f22d0d9
48918968dd9a4892fb71a9f6fd0d25826f727dd379406cf755174e30cd13d81b
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1ee10292e6328c4e0a9e64c0eefc31456b216fe58e7bf94ce347a3d35e8db6
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4cf90fe7c9ee9bf8b341652cbe30c2565cc2457cb1fced28c0c73a4116ecfc95
4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167
4f824255471c27fa4d1711fb3dc95cd1abb01d4267cddb88a80da9de0ad9e568
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d
5577a35df0b0c1e8cd1de5d1eeec282274de93d00885381ad7220215a9b9015e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
5747c3811adc4308396178b6d5133ba0a3d1fbf75cb34408516070f334328020
577e95c032b936497700daecc8dd065ebe23e8916c36a55bc73b2fe2df806eab
57a62640952523260df08a98c8d7f794e2e9cb17d6d81f4a10cf3958237b628e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71
5bace81af5d322ed83165faf028303bfcc5553d0b05457727b590cabac3c3428
5da9f07549e9bfd18d14ef0c39293ce33d86633988f80f26b17ccf4fa5ed0155
5dd9a76ff0add20fe040cd2b9872bbb785772e2feed27e23827ae453cde16095
5fd860f4dfb90fbae48ce9ef6e3cc624599fbf223402d398a41f5488ffbe19c0
607fb035cd784740222458bcb31a47cdc7a2031cd8029d7c827d34ca92cc45c2
60d9b093cca92a3d624ae2021e387e44dd9115cf551cf6734c73c5f8e14610e0
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
614456975ac06eccd652989051d3ac67d52a942828862158ffd0f1d029c304c6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52
640df844e66ad8f2c4d75663b116f8215e878ac03e6be793dac3354126178377
6986324e5703b8e839b81e2b221214f286ae020bf5d4125fd0ad81b395d5e924
6a644bae263fe0b6f0db2237db0dd4341f43b107e3ea4b99d1f0b1f615267cf9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd5f7a7059a3f3d3d0cfd6a985f72ffac27e909a58a5e892f3d5074375b1b8e
6d6379f7feb5dbbc12c0e5c31640b6c3ab156cd333fb5dae0163e5deaeb9dc1b
6e7c1de6b2bb9ee948c65a78eb26fba42e3fcbcb2d1795622eafacccb94ebc95
6fcf1ec7d15f923a2bd8f1fa404dab3fbd0fefa2853662de2756feafa26b53d3
70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2
723a8b16cf027418311ce29c1b50817a2f8b2af0161d50332a730bdd3e1beaf8
74689bad3b4f480bc6f076adb9927c63e872f5a1b9c675a92be9a13f9d3cf349
75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756
774ea5c187b133d8a16488acbe01773bcf4985a6dec8ca8ad5c536bfd07a5f37
784cf734171b1a5c9adb298caeeaf3a4f254e6811a9ee3d52489604e4c8e9222
7c31a7b0990af81a279b26ca80b9c39f73e1ade39f7fd9117950b1d558e52e2c
7c433928e8bfe929f7b4a60d812e5d0d8c353c5243c77247a3cd4f32b9157ae0
7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6
7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4
7d72f81101878074af5566ad510135a533f9fa172a29e64417616e29eee34724
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865d512b0631d33b932cc8a563cb738bcddab918ef1d66057bbbab948e7e33fc
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a39078ccddc328c92e86ea3e06adcaab13d44000cd011045703ca1a90449943
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
915da5b2f0f11472fc284d35eac066568eebb34f9694c5b6ea1e9d54dea64ca2
9269e1d00da11f333cedf8d2a21a22c6475e377ae0bb2f03d99b94a2e1cded2f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
96d64925502b87c8ccf116c373e7000ca513558cfdc155e49cbfd82915174591
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
971e07373632d9069a454ed1df5ba4ca1fc498c71e8671efc703c4a1c629a658
97d7da45c22f28dcd7603dfaadd0fec6a24f7a82c69555f3d1de086593f4c5d1
98818d35d4c98fa17afc5b59d080fefa902ea8c8ca10601591eca13b65f6c2d2
9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf
9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed
9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0bdc9652a3f823098b617c27d451d7ac0653b09fe03b6da9fbf893594a9d0e4
a34c08596a05648761e7c8ce459c1dfdb8e241d6d29a669e9db29335a8354f9c
a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e
a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024
aa07d80aec8be3bb2ab5e5872b20e5cb3d480c890e05546c57d2d48042977d8c
aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1
ab421e53d473899e77d33cdba4374960b10d0e89ea7cb8c8c961c7c25ecd9b42
ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db
ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf
af786559cb35f6df97b4609c621c4a12104b13b7ac348b23ba90ed59fa168f83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15e6b39848fdecac7a7645b853ce1d6f457cfd2662e25fffb09ada5ebc7d4d1
b2e284b8df919540739cfe32297bdb2d9d07ccdd3f7a22a6dac0a81c5253ee6e
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b613f403ca62b0729393cfd263745974a7fa73bafbda405040fde013fc328656
ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222
bf2d222219f0fa8143293c4382346a2e0209ea8625cca06affa5e57499c3774e
c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f
c17985959910799acd222feb28e36d3a95e0c147fe60f84357fd1858258f5d9b
c1ca936be9fa069cec3e11e672a7aae97fee9487ecf5b3e7251cde7504f1caed
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c16cae7de7a79ac3a5404b76dabb5ba25708562ce7767a6113f08d17c70f74
c7326f98d6da41a92310756f5a65d902e038e75fd4da578191bcca1dd9f414c0
c78ab7bd16597971a5f828e35fe7e2433759a71db0474617aec3e0b13860981b
c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1
ce3258fae4dee842bd067d34dc9a7b166e5451fb21139b3920fc0df351350c5b
ce4076cd760ba035ee9d326f3a1bf9157dfeac50fb058a9aedfe53b2fd10ad91
cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9
d1d7aead3cf67e348ecb43be187baf91641cbd15974c2c58c314be2a2f58b3cf
d276300072ba9ba3c91c2af4c51b1035dd957da6f6545a94eaf713b67996b47f
d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8
d49ae0401867a02ea6b892861cd0004bd0b5b548d30816e9d828dd4657b69e6c
d860e91242b6b2dbc46a04b545ddbcc4a53a01d7343dcb9d011bf8853a441a7f
d99171489f4050fea6a4c2440c9d0337f8ae8b2bedb7116587687621d85d7261
dc292134380271405ccac0796b2499577265795b812f138812b66c90d7d843a3
e024155111f5d48fb4953f9369af6afb3a16555e041365fb4003ceca6beeef8c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2ea394861b4fa43c3b873a418272ddc3f5844d2b179cb74ee55ae2b15561d8a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e42f89c5e64bfc044c763cfd3cee1dab2afe34c2995abdd2030760b1097c15bb
e4b73c055fd5a37e9ab84a5dd3f0e2384d04d6a299e156eacca96c7724599af2
e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
e8fbc5a9caec37d18b906c89b9a26f99abc3a1f680536a4dd8de4e10dc1a5844
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa15e6d834cf5624f598a7d729c9ab85c36795ae2da297ce3f17db150ac9e72
f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077
f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f5994215d3ce922494a8427a68393a72e2b9ffce3b525f03b780d480fedc92ee
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b83e17e6448f888d6fa1c118494b0d85b60e7072f64a340c46a2bb4d9ca8e6
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f768e9797e689aea399df681a52a5a9a4538ddcba9b46007b4e5e7c6b6a22f6c
fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b
fcd06efa61ab767d11222b9503e891898dbc00d2db2507f06ef242c108a313cd
ffd2548a51d91757c87731d2e2ac256b9bd31da24f985228af6b8318b36d6b14

www.wpgxfox28.com Open in urlscan Pro 2606:4700:4400::ac40:9409 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

255 Requests

95 %HTTPS

76 %IPv6

24 Domains

42 Subdomains

34 IPs

5 Countries

7140 kBTransfer

17106 kBSize

17 Cookies

32 Outgoing links

Redirected requests

255 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wpgxfox28.com Open in urlscan Pro
2606:4700:4400::ac40:9409 Public Scan

Screenshot
Live screenshot

Full Image

255
Requests

95 %
HTTPS

76 %
IPv6

24
Domains

42
Subdomains

34
IPs

5
Countries

7140 kB
Transfer

17106 kB
Size

17
Cookies

255 HTTP transactions
7 data transactions