www.rinehartfarm.com Open in urlscan Pro
213.226.126.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.rinehartfarm.com/
Submission: On March 17 via api (March 17th 2023, 3:32:51 pm UTC) from PL — Scanned from PL

Summary HTTP 472 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 46 IPs in 11 countries across 40 domains to perform 472 HTTP transactions. The main IP is 213.226.126.234, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is www.rinehartfarm.com.

This is the only time www.rinehartfarm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	213.226.126.234 213.226.126.234	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 34	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
15	87.248.119.251 87.248.119.251	203220 (YAHOO-DEB) (YAHOO-DEB)
1	87.248.100.208 87.248.100.208	34010 (YAHOO-IRD) (YAHOO-IRD)
1	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
2	87.248.100.216 87.248.100.216	34010 (YAHOO-IRD) (YAHOO-IRD)
3 13	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
12	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
6	152.199.21.65 152.199.21.65	15133 (EDGECAST) (EDGECAST)
12	192.229.221.24 192.229.221.24	15133 (EDGECAST) (EDGECAST)
22	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6	34.243.115.23 34.243.115.23	16509 (AMAZON-02) (AMAZON-02)
25	23.211.10.211 23.211.10.211	16625 (AKAMAI-AS) (AKAMAI-AS)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
51	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
10	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
38	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
10	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1 8	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
9 26	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.210.74.157 3.210.74.157	14618 (AMAZON-AES) (AMAZON-AES)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
6	65.109.27.133 65.109.27.133	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.30.219.75 52.30.219.75	16509 (AMAZON-02) (AMAZON-02)
1	54.64.126.195 54.64.126.195	16509 (AMAZON-02) (AMAZON-02)
2 4	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 1	54.164.155.52 54.164.155.52	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	18.194.168.240 18.194.168.240	16509 (AMAZON-02) (AMAZON-02)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1	64.158.223.137 64.158.223.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	72.34.250.75 72.34.250.75	27630 (AS-XFERNET) (AS-XFERNET)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
44	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
9	162.55.246.95 162.55.246.95	24940 (HETZNER-AS) (HETZNER-AS)
3 6	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	152.199.23.180 152.199.23.180	15133 (EDGECAST) (EDGECAST)
1 1	34.254.81.77 34.254.81.77	16509 (AMAZON-02) (AMAZON-02)
1	54.78.86.90 54.78.86.90	16509 (AMAZON-02) (AMAZON-02)
472	46

55 213.226.126.234 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: vds-cb47696.timeweb.ru

www.rinehartfarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 87.248.119.252 (Meath, Ireland) 1 redirects

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-mcdn.secure.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
finance.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 87.248.119.251 (Meath, Ireland)

ASN203220 (YAHOO-DEB, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

5.ras.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openweb.jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.208 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-ui71.prod.media.vip.ir2.yahoo.com

embed.fireplace.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.216 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-fp74.prod.media.vip.ir2.yahoo.com

www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 188.125.72.139 (Dublin, Ireland) 3 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

3p-geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

web-oao.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-central-1-web-oao.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.199.21.65 (United States)

ASN15133 (EDGECAST, US)

aka-cdn.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.221.24 (United States)

ASN15133 (EDGECAST, US)

o.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.243.115.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 23.211.10.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-10-211.deploy.static.akamaitechnologies.com

apx.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.18.2 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.74.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-74-157.compute-1.amazonaws.com

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.109.27.133 (Tuusula, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.27.109.65.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.219.75 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-219-75.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.126.195 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-126-195.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.155.52 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-155-52.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.168.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-168-240.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float1.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 192.229.233.6 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.55.246.95 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.95.246.55.162.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.180 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.81.77 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-81-77.eu-west-1.compute.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.86.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-86-90.eu-west-1.compute.amazonaws.com

consent.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com 793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 134 f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com	535 KB
61	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 168	1 MB
59	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6230 cdn.revjet.com — Cisco Umbrella Rank: 5668 pix.revjet.com — Cisco Umbrella Rank: 5960	896 KB
56	yahoo.com query1.finance.yahoo.com Failed guce.yahoo.com — Cisco Umbrella Rank: 2977 Failed embed.fireplace.yahoo.com — Cisco Umbrella Rank: 30317 Failed edge-mcdn.secure.yahoo.com — Cisco Umbrella Rank: 5474 5.ras.yahoo.com — Cisco Umbrella Rank: 3653 udc.yahoo.com Failed www.yahoo.com — Cisco Umbrella Rank: 1487 3p-geo.yahoo.com — Cisco Umbrella Rank: 6218 web-oao.ssp.yahoo.com — Cisco Umbrella Rank: 4745 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 909 eu-central-1-web-oao.ssp.yahoo.com — Cisco Umbrella Rank: 28097 geo.yahoo.com — Cisco Umbrella Rank: 1586 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 271 opus.analytics.yahoo.com — Cisco Umbrella Rank: 5532 finance.yahoo.com — Cisco Umbrella Rank: 3190 consent.yahoo.com — Cisco Umbrella Rank: 41781 csp.yahoo.com — Cisco Umbrella Rank: 16571	32 KB
55	rinehartfarm.com www.rinehartfarm.com	2 MB
31	moatads.com geo.moatads.com — Cisco Umbrella Rank: 724 apx.moatads.com — Cisco Umbrella Rank: 6270	8 KB
26	yimg.com s.yimg.com — Cisco Umbrella Rank: 438	519 KB
14	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	5 KB
12	aolcdn.com o.aolcdn.com — Cisco Umbrella Rank: 3999	13 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	218 KB
6	google.pl adservice.google.pl — Cisco Umbrella Rank: 31607	1 KB
6	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 850	97 KB
6	adtechus.com aka-cdn.adtechus.com — Cisco Umbrella Rank: 8847	639 KB
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 706	978 B
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 741	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	194 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 420	865 B
3	gstatic.com fonts.gstatic.com	59 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 354	959 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 752 s.tribalfusion.com — Cisco Umbrella Rank: 1848	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 515	69 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 575	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1230	344 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 823	411 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1500	173 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2706	104 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1283	450 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 24924	442 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 635	1000 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 5545	44 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1444	584 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31897	609 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 333
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	861 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1072	183 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 153	264 B
1	yahoosandbox.com openweb.jac.yahoosandbox.com — Cisco Umbrella Rank: 11613	39 KB
472	40

	Domain	Requested by
55	www.rinehartfarm.com	www.rinehartfarm.com
51	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.rinehartfarm.com f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
44	cdn.revjet.com	ads.revjet.com srcdoc
38	tpc.googlesyndication.com	securepubads.g.doubleclick.net s.yimg.com tpc.googlesyndication.com 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com cdn.ampproject.org www.rinehartfarm.com f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com googleads.g.doubleclick.net
26	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
26	s.yimg.com	www.rinehartfarm.com s.yimg.com 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com
25	apx.moatads.com	s.yimg.com www.rinehartfarm.com
22	securepubads.g.doubleclick.net	web-oao.ssp.yahoo.com securepubads.g.doubleclick.net s.yimg.com 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com www.googletagservices.com
14	5.ras.yahoo.com	www.rinehartfarm.com
12	o.aolcdn.com	www.rinehartfarm.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	pix.revjet.com	srcdoc
8	www.google.com	1 redirects tpc.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
7	googleads.g.doubleclick.net	www.rinehartfarm.com f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	3p-geo.yahoo.com	3 redirects www.rinehartfarm.com
6	ad.doubleclick.net	3 redirects srcdoc
6	ads.revjet.com	f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com ads.revjet.com
6	adservice.google.com	securepubads.g.doubleclick.net
6	adservice.google.pl	securepubads.g.doubleclick.net
6	geo.moatads.com	aka-cdn.adtechus.com
6	cdn.js7k.com	web-oao.ssp.yahoo.com
6	eu-central-1-web-oao.ssp.yahoo.com	web-oao.ssp.yahoo.com
6	service.idsync.analytics.yahoo.com	web-oao.ssp.yahoo.com
6	aka-cdn.adtechus.com	www.rinehartfarm.com
6	web-oao.ssp.yahoo.com	www.rinehartfarm.com
5	geo.yahoo.com	www.rinehartfarm.com
4	onetag-sys.com	2 redirects f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	eb2.3lift.com	2 redirects
2	match.sharethrough.com	5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.yahoo.com	www.rinehartfarm.com
1	csp.yahoo.com
1	consent.yahoo.com	www.rinehartfarm.com
1	finance.yahoo.com	1 redirects
1	opus.analytics.yahoo.com	openweb.jac.yahoosandbox.com
1	ups.analytics.yahoo.com	1 redirects
1	sync.go.sonobi.com	da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
1	tr.blismedia.com	da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
1	s.tribalfusion.com	da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
1	trace.mediago.io	1 redirects
1	ads.avads.net	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	cc.adingo.jp	f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	px.ads.linkedin.com	f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sb.scorecardresearch.com	www.rinehartfarm.com
1	openweb.jac.yahoosandbox.com	www.rinehartfarm.com
1	edge-mcdn.secure.yahoo.com	www.rinehartfarm.com
1	embed.fireplace.yahoo.com	www.rinehartfarm.com
1	guce.yahoo.com	www.rinehartfarm.com
0	udc.yahoo.com Failed	www.rinehartfarm.com
0	query1.finance.yahoo.com Failed	www.rinehartfarm.com s.yimg.com
472	72

This site contains links to these domains. Also see Links.

Domain
www.coindesk.com
www.facebook.com
twitter.com
ir.btc.com
www.prnewswire.com
finance.yahoo.com

Subject Issuer	Validity	Valid
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
yho.com DigiCert SHA2 High Assurance Server CA	`2023-01-17` - `2023-07-12`	6 months	crt.sh
jp.techcrunch.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-04-19`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-06` - `2023-05-31`	6 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
aka-cdn.adtechus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-06-02`	a year	crt.sh
o.aolcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.google.pl GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-11`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-03-07` - `2023-09-07`	6 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
opus.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh
consent.oath.com DigiCert SHA2 High Assurance Server CA	`2023-02-16` - `2023-08-09`	6 months	crt.sh

This page contains 51 frames:

Primary Page: http://www.rinehartfarm.com/
Frame ID: 15E63C7FA7F41A831D30815E83C09431
Requests: 116 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-csc.html
Frame ID: 72B104978698EA83EE6B67C935861704
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 936E7B6CEE882F34B515AB52E78ECC47
Requests: 20 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 7DE467812AFF5D6444997361E5EB599C
Requests: 28 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 68E913D01ADA129D86DC49DDA3E7CBC9
Requests: 20 HTTP requests in this frame

Frame: https://316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 68BDA75A4A8CFBE88FECDDB879F3AFBF
Requests: 1 HTTP requests in this frame

Frame: https://793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C6D8171DB7A21054D0E4F54C757FC5C0
Requests: 1 HTTP requests in this frame

Frame: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DEEDFA3842B565DC54F1583D0311A87E
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 92E1C008768C9398C874C17F7740E5B9
Requests: 21 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: B99ECA11045A2174DBE354A322B68A1D
Requests: 22 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Frame ID: 7FF6518F5CD29C298DAD9F995D542AC9
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: 2D8D423826623ABBAB8A6E0762DE991B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: 5A386DC8BA7CBE5DA5567DFDBDB6C5E8
Requests: 16 HTTP requests in this frame

Frame: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3CDF2A9B311A3086D635D70D5CAA1FA1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DAE060D04136F3E6906A26E1AD49BBF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C58C549BBA52BEDA778F8B4F02CE205
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6B59100AEA4D4F95610825E76C60CBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD87F1E730067919446D8D965D90A52F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F2C8D1F2D3AE10873C1757DE6F09ED1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 209A0436FF4963AD91D497FAFC61F997
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/cv/apiv2/default/houseAdsExchange/index.html?geo=uk&size=300x250
Frame ID: ED74DC0C83916845F6C56752E008F380
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/cv/apiv2/default/HouseAds/UK/20200522/HTML/UK_Yahoo_WhiteWineQuestiontime_300x250.html
Frame ID: A04DE2DCC5BC35FD5F0D4FE8CF1C2660
Requests: 2 HTTP requests in this frame

Frame: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5A2B00CD08A067784C8D79FADBE2012E
Requests: 1 HTTP requests in this frame

Frame: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 65CBA1629BBB96E1209815E069144D52
Requests: 1 HTTP requests in this frame

Frame: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D9AF02430AD576DCB7A539A9852BA703
Requests: 1 HTTP requests in this frame

Frame: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 285C363D7BF13352959EABC66D261A7C
Requests: 18 HTTP requests in this frame

Frame: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D5AE5FAD717B37672AB82919208E3AE7
Requests: 17 HTTP requests in this frame

Frame: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 211A80088E7F29C6150F29372C3785E3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNVKki-sejuDbZ9jMulpFvouRjttjoGZVEDeGYPWb032Us45m1sXPBtbgpTHmNMn32ViZiDmnJ-0dAtj7zF0vTX1YruJof4RgD5glMQJ82cBa59L2-Y
Frame ID: D60C7BCDF3B6E0980407B8A2F96B7F1D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWkQEhcglnHn3s3_MV-8aSkur7NwMzAKdSsDlH-Ft19fcEuaEMR2gKbkkk-MxPVfOtUghsSzKHc_KSTvTPAxfwCcMXikkbwMZwG9Mdf6HGmZ-VoXEs
Frame ID: A798024BEDA57FAC308BA10D702EFD86
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWQcPU-u05K52oXQbVld25bSaKKjJT7Y_3mL5kq8Cs8iFlIR5Mv-kaQb0vQxfA_n6fcN_z2u1--sbrS_-q4tnKPgAlMUllFzxBtOvQB1J8LSQcVDCk
Frame ID: 10019E9A3F97E80BF3F1EFD4B760CAC3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49323511B56F3255F167720D5FDF9BC0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66BB189198BD776B6F1061D3333C4FCA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21BBF83EEAB8C9D7B7EF0D1F6B39CA8C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 171CC49B575811F35FA59245DF345AD2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B7C71D14D99002E18EE078868654D62A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B4E2659046C4791A55B58D116578F8C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Ff5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
Frame ID: ED4B9925C5198F43C97E32C7C1830E88
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
Frame ID: B5BC7B3A079E363F9B60FCD5C67A7430
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fda01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
Frame ID: B6672B347EC24B970AF7331C078DC0E6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: CBFD800AAF26DDA9A4F55762DD1C9CC3
Requests: 16 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: E4080AF865CD404335D1ADE7E3D579D1
Requests: 17 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 6B7C3CA26D3FC1BBEAB0621C5CE2D9D8
Requests: 17 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Frame ID: 995CE1335ACA67B57BC6F9CF5D51F9B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFB5971900725D03B3912795921FB6E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E56C0992F0C90CDCF9F37D6F4278A48B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD85C34C324F5DBD2656D344BFAA6A39
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A213D3F94876EEC3F2DC2DCC3E98E724
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 055F6EA73EAAD794004ABBB0A6A7E69A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62EC7AB60111494D1E8959D61692B1E9
Requests: 1 HTTP requests in this frame

Frame: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4a281d57-48ab-4081-b330-a131ffe57ec9
Frame ID: 224E17F979951A310CC9378DCEC9D19E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chinese Bitcoin Mining Company Delivers First Machines to Kazakhstan

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

472
Requests

76 %
HTTPS

0 %
IPv6

40
Domains

72
Subdomains

46
IPs

11
Countries

6384 kB
Transfer

18399 kB
Size

33
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.coindesk.com/
Title: CoinDesk

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=458584288257241&link=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dfb%26tsrc%3Dfb

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Chinese%20Bitcoin%20Mining%20Company%20Delivers%20First%20Machines%20to%20Kazakhstan&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dtw%26tsrc%3Dtwtr&via=YahooFinance

Search URL Search Domain Scan URL

URL: https://ir.btc.com/2021-06-21-BIT-Mining-Successfully-Delivers-Mining-Machines-to-Kazakhstan
Title: said

Search URL Search Domain Scan URL

URL: https://www.prnewswire.com/news-releases/bit-mining-limited-to-invest-in-cryptocurrency-mining-in-kazakhstan-301297680.html
Title: move

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/wp-admin/post.php?post=637593&action=edit
Title: invested

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/bitcoin-unpacking-hashrate-nic-cart-migration
Title: Go West, Bitcoin! Unpacking the Great Hashrate Migration

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/market-wrap-bitcoin-slides-ether-below-2k-china-reiterates-crypto-ban
Title: Market Wrap: Bitcoin Slides to Two-Week Low, Ether to Below $2K as China Reiterates Crypto Ban

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/podcasts/coindesk-podcast-network/de-chinafication-bitcoin-ban
Title: The De-Chinafication of Bitcoin

Search URL Search Domain Scan URL

URL: https://www.coindesk.com/chinese-logistics-firm-airlifting-bitcoin-mining-machines-to-maryland-report
Title: Chinese Logistics Firm Airlifting Bitcoin Mining Machines to Maryland: Report

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/china-committee-debuts-eye-major-052045820.html
Title: New China committee debuts with eye on major policy shifts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/supreme-court-weighs-biden-student-051041624.html
Title: Supreme Court weighs Biden student loan plan worth billions

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/volkswagen-china-chief-visits-xinjiang-050336782.html
Title: Volkswagen China chief visits Xinjiang plant, sees no sign of forced labour

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/19-billion-derivative-bond-trade-010547766.html
Title: A $19 Billion Derivative Bond Trade in India Will Unwind With Modi’s New Tax

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/ex-kremlins-adviser-soviet-era-045153368.html
Title: Ex-Kremlin's adviser, Soviet-era dissident Pavlovsky dies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

http://3p-geo.yahoo.com/p?s=1183310220&t=PBlXwRfILbbpyiT4,0.6963802396263072&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A1031%2C%22perf_ttfb_rating%22%3A%22needs-improvement%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067145%04_ms%03849%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031 HTTP 301
https://3p-geo.yahoo.com/p?s=1183310220&t=PBlXwRfILbbpyiT4,0.6963802396263072&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A1031%2C%22perf_ttfb_rating%22%3A%22needs-improvement%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067145%04_ms%03849%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Request Chain 110

http://3p-geo.yahoo.com/p?s=1183310220&t=7W4KP4WsNPXqZ44O,0.1488513136381282&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1679%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03118%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031 HTTP 301
https://3p-geo.yahoo.com/p?s=1183310220&t=7W4KP4WsNPXqZ44O,0.1488513136381282&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1679%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03118%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Request Chain 124

http://3p-geo.yahoo.com/p?s=1183310220&t=ORaOlVPbdaa2gzh5,0.0343632301022232&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_pfb%031031%04A_pbp%03150%04A_psr%03488%04A_pdi%032111%04A_pdl%03635%04A_psc%0352%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03417%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031 HTTP 301
https://3p-geo.yahoo.com/p?s=1183310220&t=ORaOlVPbdaa2gzh5,0.0343632301022232&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_pfb%031031%04A_pbp%03150%04A_psr%03488%04A_pdi%032111%04A_pdl%03635%04A_psc%0352%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03417%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Request Chain 226

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0

Request Chain 308

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBSIEIDcoouT-gBojmZysAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFmqH-6xtAHO_SjoBDQNdRg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFmqH-6xtAHO_SjoBDQNdRg%26google_cver%3D1

Request Chain 310

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNTU4ODE5MzgzMTMzOTYwNQ%3D%3D

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqvacnZy9CvmLFTX-AS21s&google_cver=1&gdpr=0

Request Chain 312

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzVhY2FjODctYjJhYy0yZWI2LWM5YWMtNWQwMzMyMjNiMjlj

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEB6LonSXWySFLSLrWeSCHyc&google_cver=1&gdpr=0

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESELcBc_bWt2mwlbTC08ct3Ig&google_cver=1&gdpr=0

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMpflAc3-kRP0lpbCDnR-is&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMpflAc3-kRP0lpbCDnR-is&google_cver=1&__user_check__=1&sync_id=ef7e9c34-c4d8-11ed-b7ef-1f0541440106

Request Chain 317

https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=ef7ea553-c4d8-11ed-9f9b-19bfd3920406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWY3ZWE1MGUtYzRkOC0xMWVkLTlmOWItMTliZmQzOTIwNDA2

Request Chain 347

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJLCIpWojQa5lZSnJvQDfeQ&google_cver=1&google_push=Aa02lx-SmpQaEzj17LhDpQWbj7gABkSzQPhbIRuIJiSlW5mGaOixOH5fNdNXuPqiX9xhzm85ocX9gzGZvAzo0P2DMsspa3WMcrQp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-SmpQaEzj17LhDpQWbj7gABkSzQPhbIRuIJiSlW5mGaOixOH5fNdNXuPqiX9xhzm85ocX9gzGZvAzo0P2DMsspa3WMcrQp

Request Chain 349

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPLa472BUHgdW2RXcdLQjRM&google_cver=1&google_push=Aa02lx88qFDyIY7cHlcE7GCfbce4OnpxRQVpcCY5dRdxBmC6peKhjt2DlAFruXRpmNj8cnKunk0yilYZDdPT3TNYieUNtvHU3Feu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx88qFDyIY7cHlcE7GCfbce4OnpxRQVpcCY5dRdxBmC6peKhjt2DlAFruXRpmNj8cnKunk0yilYZDdPT3TNYieUNtvHU3Feu&google_hm=pQMaO2QPRPCd3JHB5_7T8y8

Request Chain 350

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEKFpkF5kJOeBmVF3z9woZ0&google_cver=1&google_push=Aa02lx9w-JPt0RKvhEROFbcUVPpzZKbUeHt3WyMsVMkz_Id9V3QxMC907DyMcnNJwKBLPjdzUCRagKbQc1fqg_Q4pb8u0nvGn4yo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTUzODUwOTkzMjEzMjQ5MQ%3D%3D&google_push=Aa02lx9w-JPt0RKvhEROFbcUVPpzZKbUeHt3WyMsVMkz_Id9V3QxMC907DyMcnNJwKBLPjdzUCRagKbQc1fqg_Q4pb8u0nvGn4yo

Request Chain 351

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFsoee20JZk4zSXp0W5nEfs&google_cver=1&google_push=Aa02lx8U8y2bKQau6p6dSYB76SuRoHpwPn6ZPFMtvipe6OB2r3p0NlUahMK76w-XWAcZOF_YGHkgWB92kfQK0iw1h6Nh0qt81uEP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8U8y2bKQau6p6dSYB76SuRoHpwPn6ZPFMtvipe6OB2r3p0NlUahMK76w-XWAcZOF_YGHkgWB92kfQK0iw1h6Nh0qt81uEP&google_hm=eS1ETTBTUldwRTJwRzZDVGxTeTEyaEhZcmlLTUdjZmhLUH5B

Request Chain 353

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC26gR9CJLqNC5qvbk_ITd4&google_cver=1&google_push=Aa02lx-H6SWZv1NP9P9EZZ0CG4PPA4foZwfKSdmpO0H2yN1SNrR-8qNl0F7enebk9GHKtvmidRefYU34_s5hRjvBvoENuKQHbCpqrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-H6SWZv1NP9P9EZZ0CG4PPA4foZwfKSdmpO0H2yN1SNrR-8qNl0F7enebk9GHKtvmidRefYU34_s5hRjvBvoENuKQHbCpqrw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 356

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFsoee20JZk4zSXp0W5nEfs&google_cver=1&google_push=Aa02lx8qq9cI4Q3-lGIEO7rcRM9MiTBGQA9YK9iXhnWm3i5lZfpmhgFYjXIdUrKM-j_QdEkM6bNn27HH1-ZcH22qxZQcbzGGK5Bm6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8qq9cI4Q3-lGIEO7rcRM9MiTBGQA9YK9iXhnWm3i5lZfpmhgFYjXIdUrKM-j_QdEkM6bNn27HH1-ZcH22qxZQcbzGGK5Bm6g&google_hm=eS1ETTBTUldwRTJwRzZDVGxTeTEyaEhZcmlLTUdjZmhLUH5B

Request Chain 357

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJECV9EsxS3PL5pH72l_U74&google_cver=1&google_push=Aa02lx89lGGLGVrR7jdd0pMTtSBZ6H0bM4TPRv1HH_Z48ZCg9vTIzgkL5HkB3jSnwPfH7-LXKQC_ILrg5t9jgZt4z72uZuH_87vTyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M334y9tHXB5ZN1r8jJiTibBDVi8&google_push=Aa02lx89lGGLGVrR7jdd0pMTtSBZ6H0bM4TPRv1HH_Z48ZCg9vTIzgkL5HkB3jSnwPfH7-LXKQC_ILrg5t9jgZt4z72uZuH_87vTyQ

Request Chain 358

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELWOcdMEr1reaVVoRMYGEcw&google_cver=1&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9WUKbuIEYavve HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELWOcdMEr1reaVVoRMYGEcw&google_cver=1&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9WUKbuIEYavve&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9WUKbuIEYavve&google_hm=GU4EsGZHRvKLygN8R_WRhw7u

Request Chain 360

https://ads.avads.net/sync/ggl?google_gid=CAESEKGmD4CUHpdylgiGvoYrPJU&google_cver=1&google_push=Aa02lx-PRSzLzqXNMNfYyEMKN9lWsXV4hHMes0KURyawRXOYztAEg44srf-vbl0a98kiXrSIEi8HhGqaBxcd6vqXf6jKkgeff_Vqens HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YWU3MjRkZmYtOTI2NC00ZWRkLWE0YmItMDQ3Mjk5ZWYyYTM3&google_push=Aa02lx-PRSzLzqXNMNfYyEMKN9lWsXV4hHMes0KURyawRXOYztAEg44srf-vbl0a98kiXrSIEi8HhGqaBxcd6vqXf6jKkgeff_Vqens

Request Chain 361

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC26gR9CJLqNC5qvbk_ITd4&google_cver=1&google_push=Aa02lx9_co64aMq9N_bJ-slrG2eBgTS2vYghkfUN3znyxfQ4erpQpm60zPwn7z2AIOBegwZUhCPn6gM6T8cTLGGmaRHBwg8eyouywuY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9_co64aMq9N_bJ-slrG2eBgTS2vYghkfUN3znyxfQ4erpQpm60zPwn7z2AIOBegwZUhCPn6gM6T8cTLGGmaRHBwg8eyouywuY HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 362

https://trace.mediago.io/cs/google?google_gid=CAESEI-Geko2_tgIjf1zCuY_21M&google_cver=1&google_push=Aa02lx_EH8qGnw3uWqWf256VDPZsWGHUWpnuxnnyxF5o0tXIqjaJMZalOKm1VW9Ct2wSYh-YlnpP0S2BwwiA9WFMsqie75hqqzAFA2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_EH8qGnw3uWqWf256VDPZsWGHUWpnuxnnyxF5o0tXIqjaJMZalOKm1VW9Ct2wSYh-YlnpP0S2BwwiA9WFMsqie75hqqzAFA2Q&google_hm=821d8b1c5ae7c24dd9a346e89e996ca0

Request Chain 365

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKebJtux3sxMD0ltAxtN4p4&google_cver=1&google_push=Aa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKebJtux3sxMD0ltAxtN4p4&google_cver=1&google_push=Aa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 368

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHjsEWW98yoHQjXF0bQ4wFA&google_cver=1&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyPq HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyPq&google_gid=CAESEHjsEWW98yoHQjXF0bQ4wFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMjkxNzcwNzUxOTkzMzI0NjczMQ%3D%3D&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyPq

Request Chain 369

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAcjqs1_YCt9g56H0CcexAA&google_cver=1&google_push=Aa02lx8tWDa9ORIVp1vp4BdK6SiiWzUXNjtPnMyCNW7dDDBLTo0y09Vdi90AeXMl9P-KVgJr2Sdyfe1_mWvYOEzkK1Z65ECGXD7fTAk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xeTVNT0gxRTJ1RXNzVWVCREVoR2dqMGhBMzc0aFFOWH5B&google_push=Aa02lx8tWDa9ORIVp1vp4BdK6SiiWzUXNjtPnMyCNW7dDDBLTo0y09Vdi90AeXMl9P-KVgJr2Sdyfe1_mWvYOEzkK1Z65ECGXD7fTAk

Request Chain 391

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153735 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CMq5msqk4_0CFe6Kgwcd9RsBfw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153735

Request Chain 401

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153771 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CP2Hncqk4_0CFWaFgwcduwQO5A;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153771

Request Chain 409

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153780 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CPK6oMqk4_0CFdMi4AodF-MJSg;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153780

Request Chain 468

http://3p-geo.yahoo.com/p?s=1183310220&t=FYWrmAFkR1BmPBe7,0.37075517650537737&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_cmi%03%7B%22AFT%22%3A2151%2C%22AFT1%22%3A2151%2C%22AFTNOAD%22%3A1878%2C%22STR%22%3A1679%2C%22VIC%22%3A5200%2C%22PLT%22%3A12141%2C%22DOMC%22%3A1217%2C%22HTTPC%22%3A121%2C%22CP%22%3A91%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22DARLA_RSTART%22%3A2202%2C%22ADSTART_LDRB%22%3A2285%2C%22ADSTART_LREC%22%3A2329%2C%22ADSTART_LREC2%22%3A2344%2C%22DARLA_REND%22%3A2369%2C%22ADEND_LREC2%22%3A4869%2C%22ADEND_LDRB%22%3A4881%2C%22ADEND_LREC%22%3A5185%2C%22ADSTART_LDRB2%22%3A5698%2C%22ADSTART_LREC3%22%3A5708%2C%22ADSTART_LREC4%22%3A5734%2C%22ADEND_LDRB2%22%3A11816%2C%22ADEND_LREC4%22%3A12010%2C%22ADEND_LREC3%22%3A12092%2C%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067159%04_ms%03134%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031 HTTP 307
https://3p-geo.yahoo.com/p?s=1183310220&t=FYWrmAFkR1BmPBe7,0.37075517650537737&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_cmi%03%7B%22AFT%22%3A2151%2C%22AFT1%22%3A2151%2C%22AFTNOAD%22%3A1878%2C%22STR%22%3A1679%2C%22VIC%22%3A5200%2C%22PLT%22%3A12141%2C%22DOMC%22%3A1217%2C%22HTTPC%22%3A121%2C%22CP%22%3A91%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22DARLA_RSTART%22%3A2202%2C%22ADSTART_LDRB%22%3A2285%2C%22ADSTART_LREC%22%3A2329%2C%22ADSTART_LREC2%22%3A2344%2C%22DARLA_REND%22%3A2369%2C%22ADEND_LREC2%22%3A4869%2C%22ADEND_LDRB%22%3A4881%2C%22ADEND_LREC%22%3A5185%2C%22ADSTART_LDRB2%22%3A5698%2C%22ADSTART_LREC3%22%3A5708%2C%22ADSTART_LREC4%22%3A5734%2C%22ADEND_LDRB2%22%3A11816%2C%22ADEND_LREC4%22%3A12010%2C%22ADEND_LREC3%22%3A12092%2C%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067159%04_ms%03134%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Request Chain 474

https://finance.yahoo.com/pdarla/php/fc.php?tID=1&d=0&f=1183310220&l=LDRB%2CLREC&rn=1679067165117&en=utf-8&npv=1&lang=en-US&filter=no_expandable%253Bexp_iframe_expandable%253B&ref=https%253A//finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html&tgt=_blank&sa=Y-BUCKET%253D%2522finance-US-en-US-def%2522%2520LREC%253D%2522300x250%253B1x1%2522%2520LREC2%253D%2522300x250%253B1x1%2522%2520LREC3%253D%2522300x250%253B1x1%2522%2520UBALREC%253D%2522300x250%253B1x1%2522%2520UBALREC2%253D%2522300x250%253B1x1%2522%2520UBALREC3%253D%2522300x250%253B1x1%2522%2520MON%253D%2522300x600%253B1x1%2522%2520ticker%253D%2522BTC-USD%2522%2520wiki_topics%253D%2522Kazakhstan%253BProvinces_of_China%253BSichuan%253BPublic_company%2522%2520ctopid%253D%25221542500%253B1480989%253B1481489%253B1577000%2522%2520hashtag%253D%25221542500%253B1480989%253B1481489%253B1577000%2522%2520%2520rs%253D%2522lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk_75%253Blpstaid%253A58cd28cb-d225-3f64-a522-31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon_modal%2522&ult=pg%253Aproperty%25253A_en-US%25253Brid%25253Aajt4qvdhvr4fi%25253Btest%25253Afinance-US-en-US-def&ar=1 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=S5F8QbU&done=https%3A%2F%2Ffinance.yahoo.com%2Fpdarla%2Fphp%2Ffc.php%3FtID%3D1%26d%3D0%26f%3D1183310220%26l%3DLDRB%252CLREC%26rn%3D1679067165117%26en%3Dutf-8%26npv%3D1%26lang%3Den-US%26filter%3Dno_expandable%25253Bexp_iframe_expandable%25253B%26ref%3Dhttps%25253A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%26tgt%3D_blank%26sa%3DY-BUCKET%25253D%252522finance-US-en-US-def%252522%252520LREC%25253D%252522300x250%25253B1x1%252522%252520LREC2%25253D%252522300x250%25253B1x1%252522%252520LREC3%25253D%252522300x250%25253B1x1%252522%252520UBALREC%25253D%252522300x250%25253B1x1%252522%252520UBALREC2%25253D%252522300x250%25253B1x1%252522%252520UBALREC3%25253D%252522300x250%25253B1x1%252522%252520MON%25253D%252522300x600%25253B1x1%252522%252520ticker%25253D%252522BTC-USD%252522%252520wiki_topics%25253D%252522Kazakhstan%25253BProvinces_of_China%25253BSichuan%25253BPublic_company%252522%252520ctopid%25253D%2525221542500%25253B1480989%25253B1481489%25253B1577000%252522%252520hashtag%25253D%2525221542500%25253B1480989%25253B1481489%25253B1577000%252522%252520%252520rs%25253D%252522lmsid%25253Aa0V0W00000HOchMUAT%25253Brevsp%25253Acoindesk_75%25253Blpstaid%25253A58cd28cb-d225-3f64-a522-31500d475d2c%25253Blu%25253A0%25253Bpct%25253Astory%25253Bpt%25253Acontent%25253Bsite%25253Afinance%25253Bver%25253Aarticle%25253Bpd%25253Anon_modal%252522%26ult%3Dpg%25253Aproperty%2525253A_en-US%2525253Brid%2525253Aajt4qvdhvr4fi%2525253Btest%2525253Afinance-US-en-US-def%26ar%3D1 HTTP 302
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4a281d57-48ab-4081-b330-a131ffe57ec9

472 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.rinehartfarm.com/ 640 KB
120 KB 1026ms
338ms Document
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Mar 2023 15:32:23 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK 8368c9215f9423b15b43e2840f6356fb
www.rinehartfarm.com/lander/vayt-masha-28.02-6/img/ 46 KB
46 KB 274ms
140ms Image
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/img/8368c9215f9423b15b43e2840f6356fb
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK YahooSans-VF-Web.woff2
www.rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/ 64 KB
64 KB 153ms
52ms Font
font/woff2 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/YahooSans-VF-Web.woff2
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98

Request headers

Referer: http://www.rinehartfarm.com/
Origin: http://www.rinehartfarm.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-fe98"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65176
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H2 200 YahooSansCond-XBold.woff2
s.yimg.com/cv/apiv2/fonts/2019/ 12 KB
12 KB 229ms
52ms Font
font/woff2 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-XBold.woff2

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Origin: http://www.rinehartfarm.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 16:40:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZZ2WYQJC9GAVXBX3
age: 82330
x-amz-server-side-encryption: AES256
content-length: 12064
x-amz-id-2: 2/5xJb38x+Sipzn2LYRG56HeI81g10BRivajSC4vIZRpBaWhQrS/p5lD6f/UQsQR2+pLVGvhUHA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Sep 2019 19:59:06 GMT
server: ATS
etag: "6f15483a73d1b9823661757777f54b18"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H/1.1 200
OK fusion.atomic.b6ce8976b99c528880199405b20d4522.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 69 KB
17 KB 76ms
52ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/fusion.atomic.b6ce8976b99c528880199405b20d4522.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8845be6e7a95e3a872fbe0c447d743096b3adf8ee1b6f0d59bcdbdec18aeea36

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1140a"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK bundle.c60a6d54.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 4 KB
2 KB 74ms
48ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/bundle.c60a6d54.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-10a5"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 3 KB
3 KB 75ms
49ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c25eb9ef13d4c6fc1509e8f478899f196165bdf32f17acb2163cb329820f1c7d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-b21"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2849
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK desktopweb.db9adc4ea43e2feffc0a59fd0980c7b9.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 7 KB
2 KB 99ms
55ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/desktopweb.db9adc4ea43e2feffc0a59fd0980c7b9.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 81871a231bd7e95f87d000c40a52a9e9670d4895e46824e030ac11ddc93e11ce

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1aaa"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK colors_1.1.27.min.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 6 KB
2 KB 104ms
56ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/colors_1.1.27.min.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c4785a51adadef034b8274f06cd3ba259f313f67269f1c8f06bb9ce88ae9137a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1823"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 1 KB
2 KB 104ms
55ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-5af"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1455
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 175 B
507 B 121ms
50ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-af"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK caas.9d51dd81df00ec18726ffe5ad0918865.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 41 KB
16 KB 58ms
53ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/caas.9d51dd81df00ec18726ffe5ad0918865.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 20ab02ab4d58b6fad10d4ec2d856dd2fcc6984f5f43832cc09f490ba69ad9307

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-a4c0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK g-r-min.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 204 KB
87 KB 63ms
63ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8c6a14a96e308f070f495f999af4e39027527d649157fe1a3ffc116870e14697

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-32f1e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-loader-2.6.15.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 12 KB
3 KB 65ms
64ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-loader-2.6.15.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 2da8e6f60e9698291e4cfecbaf95ba806282637c28fa1cc7c2d7ef0e32e660e9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-30ff"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK sda.49ad5a43996ff69d6b12c33e7705e129.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 4 KB
2 KB 81ms
63ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/sda.49ad5a43996ff69d6b12c33e7705e129.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 4a66b92fc3985947226e9cba3cdd5687ed4746876da1c1f7e399a1cdd6c62409

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-105d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-sticky-1.2.2.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 9 KB
3 KB 98ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-sticky-1.2.2.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 6df75e91352dff7a5d6c9827c27612ff26c7954cf2fea7c6da459773865c6bc9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-227c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK rapid-3.53.38.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 50 KB
18 KB 166ms
60ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/rapid-3.53.38.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-c816"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK cmp.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 64 KB
17 KB 58ms
51ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/cmp.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: f204ab420a5067e50cf449c161ca633301e47849248e691863bae78110990e60

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-101f5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK cs_1.4.0.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 1 KB
2 KB 56ms
55ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/cs_1.4.0.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: d636b7c6e03c525b4bb0030d0a9d2908fb6e1e51bfbfc0ea0b25fb7b8da50321

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-4d8"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1240
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK tdv2-wafer-utils.19c76fb8.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 3 KB
4 KB 55ms
52ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/tdv2-wafer-utils.19c76fb8.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-d5d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3421
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK finSearch.min.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 172 KB
54 KB 163ms
57ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/finSearch.min.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: f1c5cc39ece1de53f6288d53ff3847e660425d77debd81a7ac493903d74926be

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-2b1cf"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK consent.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 55 KB
17 KB 54ms
53ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/consent.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 3d7ffe1ecb061100760ab496bae435770032c862df220c02160bfd98fdaf07d1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-daf4"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-module-2.0.0.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 5 KB
2 KB 51ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-module-2.0.0.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 5f86ec9907f6433f430f9caa406d5244809b9623f8ebac90868ae331775438c5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1208"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK spotIm.custom.SpotImJAC.a890015a7cd1c52f9ca06097087591ab.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 33 KB
11 KB 62ms
57ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/spotIm.custom.SpotImJAC.a890015a7cd1c52f9ca06097087591ab.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: a18f1f61513a044194cece1b38c0e512126976c8e590f800fe4bd406e697dc57

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-82f6"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-fetch-1.18.11.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 17 KB
6 KB 62ms
62ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-fetch-1.18.11.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c99e18f340da3013a89d08357f05aa510393fdbfc400c364f85439f6f8bcda9f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-42f3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-video-2.20.1.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 29 KB
9 KB 51ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-video-2.20.1.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 60a7550cfbb885a0a9f7007c8efcc3c0d9c2f968f87d263b5061d5cf8322c80b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-75b3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-beacon-1.3.4.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 11 KB
4 KB 49ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-beacon-1.3.4.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 504e05e34c69c7ecb5293f3fb31be8600db94d8b1076675844bc0b94cabd54f1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-2b81"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-scrollview-2.18.8.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 32 KB
9 KB 52ms
51ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-scrollview-2.18.8.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: dc85247b4034d72a283958d72065ec4e1b937a3b3572944b948c5cdd12dd6f67

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-8198"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-toggle-1.15.4.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 13 KB
4 KB 52ms
52ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-toggle-1.15.4.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 18c32790c19d6483d673c06a3d9cf7f6d717fb88bf3698afbae2b04b033ed537

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-3289"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-form-1.33.0.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 14 KB
5 KB 51ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-form-1.33.0.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 52d9389cd526906e929ccece229fc8122685205a9a2a0aaf667d0907ef933576

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-3728"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-darla-1.8.0.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 12 KB
5 KB 51ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-darla-1.8.0.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 17657f91dc8a7010a869b39af18f5bdee723126a7467f77f929aaef9c53f2e40

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-30e7"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-caas-1.19.1.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 23 KB
8 KB 59ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-caas-1.19.1.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c67c77e7757e42a7c7a8e394e3a162dc2ea087d2f09afd7a1e39c3660a86c62b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-5dab"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-lightbox-1.10.5.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 14 KB
5 KB 62ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-lightbox-1.10.5.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: c9bbc35341f4aeaffb38d9d1a98b84e59eda553ce1faeaba1410006b90df518d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-3835"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-countdown-1.2.5.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 5 KB
2 KB 50ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-countdown-1.2.5.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: a1060b6dd1609d1165ffc70733edcc780fd8192fd74d229cba17f1fd402a43a4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-12f8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-image-1.4.0.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 7 KB
3 KB 51ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-image-1.4.0.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 2b3162b9d90ea855e1d140d94062ed56fb3b8d98193f1f37680f864320d481fc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1b10"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK tdv2-wafer-content-list.custom.c5b1d1b30a366567b8d67f27e343f60d.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 4 KB
4 KB 49ms
48ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/tdv2-wafer-content-list.custom.c5b1d1b30a366567b8d67f27e343f60d.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: ad24df8561b589323813953f7fd01e7aac1253b8570e78c9c2d07ac6488ea0e4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-fe1"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4065
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK wf-rapid-1.10.6.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 13 KB
4 KB 51ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-rapid-1.10.6.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 93b4d7141f0235efab12760ea30046e4640c1ea82e336561ff918435b04c1673

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-328b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK react-wafer-featurebar.custom.default.95a7979b4c06295e22960043d003fb49.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 2 KB
2 KB 50ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/react-wafer-featurebar.custom.default.95a7979b4c06295e22960043d003fb49.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 33de9ebb711226b9d7ebc94f2c9e9eaea6ab6346ea7bfd79828ec1fb819de33f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-647"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1607
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK react-wafer-subscription.custom.monalixa.default.3acd4d714f1d5780da18a78eccee4d24.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 1 KB
1 KB 49ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/react-wafer-subscription.custom.monalixa.default.3acd4d714f1d5780da18a78eccee4d24.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 314e1fe839edf550dc0b9df5652a95424a597f72fbc78c00f80976f297696a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-48c"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1164
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK 3c2171b.caas-article2_web.min.css
www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/ 105 KB
17 KB 118ms
53ms Stylesheet
text/css 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/3c2171b.caas-article2_web.min.css
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 4a94f6bee75aa79866b9b5e432a352b6e45c906c10eb348ca31b5b4317294d11

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1a4ee"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H2 200 yahoo_finance_en-US_h_p_financev2.png
s.yimg.com/rz/p/ 5 KB
6 KB 159ms
52ms Image
image/png 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/p/yahoo_finance_en-US_h_p_financev2.png

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

879c22d7d11e8394e045a7ab8dfd514a9f9f8ef27adf8070a8372f69e07943b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:04:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: GJ97CFCQQRVM1354
age: 1660
x-amz-server-side-encryption: AES256
content-length: 5453
x-amz-id-2: pDnGQHR7hJt+2DAF/Nsd0EusCh8GjLhHrJ77x05sUlG3985eb87pc/Z8/KKTeGrz6bHMo3HBUDk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Mar 2023 21:32:39 GMT
server: ATS
etag: "2ff14860d1612c92b9373b855cf3d0d9"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:00:00 GMT

GET
H2 200 yahoo_finance_en-US_h_w_financev2.png
s.yimg.com/rz/p/ 4 KB
4 KB 195ms
88ms Image
image/png 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/p/yahoo_finance_en-US_h_w_financev2.png

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e4202fdaa44bd24962e5cc9943e81f3880c07261b70240417755975eff513bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 10:08:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: S4SM9ATSCXWX7TTJ
age: 19436
x-amz-server-side-encryption: AES256
content-length: 3779
x-amz-id-2: 9K/i8Ypuu9UWBN17ozwmgmfiroPFsLQ7LdtKSmNe8I865WlI2Qv8rQDZ3YAi18QSF+Y/DB3MOqM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Mar 2023 21:32:39 GMT
server: ATS
etag: "9d5d82593dae940c6529b473900ddfdb"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Fri, 17 Mar 2023 23:00:00 GMT

GET
H/1.1 200
OK logo-18-18.svg
www.rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/ 741 B
1 KB 51ms
51ms Image
image/svg+xml 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/logo-18-18.svg
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: e4ee215e9c740c7eb984b200253336cbd8c65695492c9d443f4a6e3e256f870d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-2e5"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 741
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK cerebro_min.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 6 KB
2 KB 51ms
50ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/cerebro_min.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1604"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK 0f36fba0-1cea-11ed-bee7-af68ceb219c6
www.rinehartfarm.com/lander/vayt-masha-28.02-6/img/ 640 KB
640 KB 135ms
135ms Image
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/img/0f36fba0-1cea-11ed-bee7-af68ceb219c6
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK wf-core-1.61.3.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 174 KB
40 KB 60ms
56ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 983142f7f74bc016f252894067351b2af7d87a59d31a201376e08f374413eaeb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-2b8be"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK yaft-0.3.28.min.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 17 KB
6 KB 64ms
55ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/yaft-0.3.28.min.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-42f0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK feb44f4.caas-article2_web.min.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 128 KB
32 KB 54ms
53ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/feb44f4.caas-article2_web.min.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 5fea1a0dbbe96d453e3c8d4b47e1f8f646a7ecc4abcbf7779862f491ac4a09e0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: W/"63fd922c-1ff07"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H/1.1 200
OK advertisement_0.0.19.js Show response
www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/ 158 B
504 B 55ms
49ms Script
application/javascript 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/advertisement_0.0.19.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-9e"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET US
query1.finance.yahoo.com/v1/finance/trending/ 0
0

GET
H/1.1 200
OK spritify-sprite-light-fd484ded-e3dce7a4.png
www.rinehartfarm.com/lander/vayt-masha-28.02-6/img/ 12 KB
12 KB 59ms
49ms Image
image/png 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/img/spritify-sprite-light-fd484ded-e3dce7a4.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 506648db425e3801b3b45aca2382efaed10698e5af1dcb90fc8cffb2b090704e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-2ebf"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11967
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H2 200 marketTime.fbd97d839c0f2c235883.js Show response
s.yimg.com/uc/finance/webcore/js/ 203 KB
64 KB 53ms
53ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/finance/webcore/js/marketTime.fbd97d839c0f2c235883.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

cf6e8632455597e764c74736941b8859a7458b4de5f2294947a4abdf1662751b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: XRMN642NJE4C7GYW
age: 1372270
x-amz-server-side-encryption: AES256
x-amz-id-2: f03ts+ysoBrB3tSmuAmbaRAlX1sdxBmDzVfXXuM0H+69szi2jkf2JeCdhV+I+DzfViJy3UyElqs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 21:14:58 GMT
server: ATS
etag: "f405fdc5cbbcaf1cbac192d171f89571-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 marketSummary.49bc65bfd2fd44d6fc91.js Show response
s.yimg.com/uc/finance/webcore/js/ 259 KB
85 KB 52ms
51ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/finance/webcore/js/marketSummary.49bc65bfd2fd44d6fc91.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

68b6d95d23388dfe19a9e50f5697c58fa43418da4cf7bc8571e065afc730d767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MHR9JNTXFG787TPR
age: 1379898
x-amz-server-side-encryption: AES256
x-amz-id-2: lUHLe4QD9i4heplW9JiyHC25eQkKoJ3Nx4+0KZDLm7BGIyoUesZ0bc7Mh451litPC9UIAS7Udas=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 21:14:58 GMT
server: ATS
etag: "70c67d8e390336bc71db1366f8f1a926-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET consentRecord
guce.yahoo.com/v1/ 0
0

GET
H/1.1 200
OK YahooSansCond-XBold.woff2
www.rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/ 12 KB
12 KB 49ms
49ms Font
font/woff2 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/fonts/YahooSansCond-XBold.woff2
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95

Request headers

Referer: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
Origin: http://www.rinehartfarm.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:24 GMT
Last-Modified: Tue, 28 Feb 2023 05:33:32 GMT
Server: nginx
ETag: "63fd922c-2f20"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12064
Expires: Mon, 27 Mar 2023 15:32:24 GMT

GET
H2 200 337_842fb37f16.chunk.js Show response
s.yimg.com/aaq/c/ 10 KB
4 KB 57ms
57ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/337_842fb37f16.chunk.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/feb44f4.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7e926fbc63ec1370ffa4ca3778637b9b183d6da7a7a1539b78329cafc2f22f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:36:43 GMT
x-amz-version-id: iFZz9HhbmU6oiUNH4Ga36zW3WB7rDL_E
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1S98513B9D479M1J
age: 1587344
x-amz-server-side-encryption: AES256
x-amz-id-2: UgPvR1yn5kojzBUf0vvpvuV/UJvurt0ck72ZLI4C3dL6OA9tMs4j1MyxVMUPCL9D2u6+t7CtyQM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 26 Feb 2023 07:09:58 GMT
server: ATS
etag: "4006fd808ab8bbc0325ca65d29ef64e6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 2927_842fb37f16.chunk.js Show response
s.yimg.com/aaq/c/ 20 KB
6 KB 56ms
56ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/2927_842fb37f16.chunk.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/feb44f4.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a0db2bd28c98bd3023a5f63cd4c4fa1e180bfeb8a220f8ed07ed7cc2a7dc2607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:36:43 GMT
x-amz-version-id: Lw6.fMWw0Eq74kc47bDo3QAsS96MCWcf
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1S9AW5F2MC1TCNEV
age: 1587344
x-amz-server-side-encryption: AES256
x-amz-id-2: Myya8As5sYcksPh388zCxfu3dmCOaQ+CIZppPNAAjl1pcXHPTFHRc3H3msSKhUNZMPHpvkQqEqg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 26 Feb 2023 07:09:57 GMT
server: ATS
etag: "a08a04d158e22fa57da1792f10542576-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

POST remote
embed.fireplace.yahoo.com/_rcv/ 0
0

POST
H/1.1 200
OK remote Show response
www.rinehartfarm.com/nel_ms/_rcv/ 640 KB
120 KB 141ms
140ms Fetch
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/nel_ms/_rcv/remote?m_id=tdv2-wafer-content-list&ctrl=Stream&module=moreStories&site=finance&device=desktop&lang=en-US&region=US&bucket=finance-US-en-US-def&rid=ajt4qvdhvr4fi&m_mode=json
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 92048fe17ab99379696001bc409ad3456f8bc3d01670f6e2993e9d93b2d55874

Request headers

Referer: http://www.rinehartfarm.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK remote Show response
www.rinehartfarm.com/fp_ms/_rcv/ 640 KB
120 KB 175ms
175ms Fetch
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/fp_ms/_rcv/remote?m_mode=json&ctrl=SubscriptionMonalixa&m_id=react-wafer-subscription
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 344c047bd023bf7735dad087f56e67c775aac4cf0b9c20c8de483f244b82caa6

Request headers

Referer: http://www.rinehartfarm.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 exp.json Show response
edge-mcdn.secure.yahoo.com/ybar/ 2 KB
2 KB 53ms
49ms Fetch
application/json 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/exp.json

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/cerebro_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:22:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3F0KDMGD9ZNWHMTH
age: 14984
x-amz-server-side-encryption: AES256
content-length: 1784
x-amz-id-2: zADq2fJUAMpoV7OiYLSm+mOxzHITHz/cr4t7hOLwvLD4BI7D3rKRfqkhjBGcEJptWUvPKSWRcdQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 17:20:56 GMT
server: ATS
etag: "877792d86d801176269a36ac7b4e6e02"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 streamer.70fa1a924bdc58efa713.js Show response
s.yimg.com/uc/finance/webcore/js/ 292 KB
92 KB 57ms
56ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/finance/webcore/js/streamer.70fa1a924bdc58efa713.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e4747850a5b4d1e9920a61fb7f0e247efaae09920c22cc0f0d86ed70fbf2e10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 8P6RJJKVWYAHT2ZK
age: 1344095
x-amz-server-side-encryption: AES256
x-amz-id-2: kru2JsvO+ax1RmSxHsGwhvM2U/54+eoLpu8T6k16FdgM4KAeSglziAdPwHb9/fOthOGjZG6S3S8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 21:14:58 GMT
server: ATS
etag: "c584de8dd6eb1c385c4057d85c7c8123-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 perf-vitals_3.1.0.js Show response
s.yimg.com/cx/pv/ 8 KB
3 KB 56ms
56ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cx/pv/perf-vitals_3.1.0.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: JDAGAE490ZJQ69SW
age: 3476
x-amz-server-side-encryption: AES256
x-amz-id-2: 7TbWEZ16+ofHgQnV1EDUdYPjXT6px2DAXTxf8YzKzj3eA826AryRuAlF6gkVWHosg29ax9CYrZZ/d5mAnOys2Q==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jan 2023 00:09:27 GMT
server: ATS
etag: "26831b6bd9ea430823f593b6a70c7375-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 r-csc.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 72B1 2 KB
1 KB 55ms
54ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-csc.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 2326
cache-control: public,max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 14:53:40 GMT
etag: "1ff9b6e511ccd76562520a75bae161d2-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: mK/ec+Sb4aQ3olaAgqFpE0KDH/jZ1wi/aWfSaZ75ZmKhecuy7rBgaJdPo5LLMOzeux6Qm5NSkNY=
x-amz-request-id: 33VQWD50DPEJE8RV
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 936E 2 KB
960 B 60ms
59ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6576
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 7DE4 2 KB
807 B 57ms
56ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6576
cache-control: public,max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 68E9 2 KB
799 B 51ms
51ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6576
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adcount%7C2.0%7C5113.1%7C4948213%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=31766;adcid=0;itime=562354435;reqtype=5;;impref=16775623542580318895;imprefseq=14360940497606356;imprefts=1677562354;adcl...
5.ras.yahoo.com/ 1 B
201 B 536ms
410ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4948213%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=31766;adcid=0;itime=562354435;reqtype=5;;impref=16775623542580318895;imprefseq=14360940497606356;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=MAST;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y409682;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4948339%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=33881;adcid=0;itime=562354437;reqtype=5;;impref=16775623542580318898;imprefseq=14360940497606359;imprefts=1677562354;adcl...
5.ras.yahoo.com/ 1 B
201 B 291ms
165ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4948339%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=33881;adcid=0;itime=562354437;reqtype=5;;impref=16775623542580318898;imprefseq=14360940497606359;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=MON;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y409828;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C5206752%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=14320;adcid=0;itime=562354418;reqtype=5;;impref=16775623542580318832;imprefseq=14360940497606335;imprefts=1677562354;adcln...
5.ras.yahoo.com/ 1 B
202 B 291ms
166ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C5206752%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=14320;adcid=0;itime=562354418;reqtype=5;;impref=16775623542580318832;imprefseq=14360940497606335;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=INARTICLE;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y963903263;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863223%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=5060;adcid=0;itime=562354411;reqtype=5;;impref=16775623542580318769;imprefseq=14360940497606323;imprefts=1677562354;adclnt...
5.ras.yahoo.com/ 1 B
204 B 288ms
163ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863223%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=5060;adcid=0;itime=562354411;reqtype=5;;impref=16775623542580318769;imprefseq=14360940497606323;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTNA;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407889;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863233%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=7509;adcid=0;itime=562354413;reqtype=5;;impref=16775623542580318792;imprefseq=14360940497606326;imprefts=1677562354;adclnt...
5.ras.yahoo.com/ 1 B
201 B 278ms
154ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863233%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=7509;adcid=0;itime=562354413;reqtype=5;;impref=16775623542580318792;imprefseq=14360940497606326;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTNB;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407890;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863240%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=9827;adcid=0;itime=562354415;reqtype=5;;impref=16775623542580318804;imprefseq=14360940497606329;imprefts=1677562354;adclnt...
5.ras.yahoo.com/ 1 B
476 B 274ms
150ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863240%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=9827;adcid=0;itime=562354415;reqtype=5;;impref=16775623542580318804;imprefseq=14360940497606329;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTNC;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407891;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4863245%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=12080;adcid=0;itime=562354416;reqtype=5;;impref=16775623542580318817;imprefseq=14360940497606332;imprefts=1677562354;adcln...
5.ras.yahoo.com/ 1 B
202 B 145ms
145ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4863245%7C0%7C0%7CAdId=-3;BnId=0;ct=3963478407;st=12080;adcid=0;itime=562354416;reqtype=5;;impref=16775623542580318817;imprefseq=14360940497606332;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=BTND;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y407892;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4948593%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=35972;adcid=0;itime=562354438;reqtype=5;;impref=16775623542580318909;imprefseq=14360940497606362;imprefts=1677562354;adcl...
5.ras.yahoo.com/ 1 B
202 B 144ms
143ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4948593%7C0%7C0%7CAdId=-41;BnId=0;ct=3963478407;st=35972;adcid=0;itime=562354438;reqtype=5;;impref=16775623542580318909;imprefseq=14360940497606362;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=MON2;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y410010;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830144%7C0%7C225%7CAdId=11101939;BnId=2;ct=3963478407;st=16948;adcid=1;itime=562354419;reqtype=5;;impref=16775623542580318841;imprefseq=14360940497606338;imprefts=16775623...
5.ras.yahoo.com/ 1 B
202 B 176ms
175ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830144%7C0%7C225%7CAdId=11101939;BnId=2;ct=3963478407;st=16948;adcid=1;itime=562354419;reqtype=5;;impref=16775623542580318841;imprefseq=14360940497606338;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LDRB;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402804;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830165%7C0%7C170%7CAdId=11101861;BnId=2;ct=3963478407;st=22090;adcid=1;itime=562354423;reqtype=5;;impref=16775623542580318853;imprefseq=14360940497606344;imprefts=16775623...
5.ras.yahoo.com/ 1 B
201 B 168ms
168ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830165%7C0%7C170%7CAdId=11101861;BnId=2;ct=3963478407;st=22090;adcid=1;itime=562354423;reqtype=5;;impref=16775623542580318853;imprefseq=14360940497606344;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402806;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830145%7C0%7C170%7CAdId=11101864;BnId=2;ct=3963478407;st=24595;adcid=1;itime=562354427;reqtype=5;;impref=16775623542580318861;imprefseq=14360940497606347;imprefts=16775623...
5.ras.yahoo.com/ 1 B
202 B 181ms
181ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830145%7C0%7C170%7CAdId=11101864;BnId=2;ct=3963478407;st=24595;adcid=1;itime=562354427;reqtype=5;;impref=16775623542580318861;imprefseq=14360940497606347;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC2;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402807;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:25 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

OPTIONS
H2 204 remote
embed.fireplace.yahoo.com/_rcv/ Frame 0
0 338ms
80ms Preflight 87.248.100.208
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.fireplace.yahoo.com/_rcv/remote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.208 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-ui71.prod.media.vip.ir2.yahoo.com

Software

ATS / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .ampproject.org .aol.com .autoblog.com .betterme-magazine.com .campaign.yahoo.com.tw .launch3d.com .engadget.com .google.com .huffingtonpost.ca .huffingtonpost.co.uk .huffingtonpost.com.au .huffingtonpost.com .huffingtonpost.es .huffingtonpost.fr .huffingtonpost.gr .huffingtonpost.it .huffingtonpost.jp .huffingtonpost.kr .huffpost.ca .huffpost.com .huffpost.net .huffpostbrasil.com .intheknow.com .oath.com .paas.ec.yahoo.com:4443 pnr.ouryahoo.com .pnr.ouryahoo.com .shopping.yahoo.com .tw.campaign.yahoo.net .yahoo.ca .yahoo.com:3000 .yahoo.com.tw .yahoo.com enlight.yahoo.net enlight-stage.yahoo.net; font-src s.yimg.com; report-uri https://csp.yahoo.com/beacon/csp?src=embed.fireplace.yahoo.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://www.rinehartfarm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST
age: 0
cache-control: max-age=0, private
content-length: 0
content-security-policy: frame-ancestors 'self' *.ampproject.org *.aol.com *.autoblog.com *.betterme-magazine.com *.campaign.yahoo.com.tw *.launch3d.com *.engadget.com *.google.com *.huffingtonpost.ca *.huffingtonpost.co.uk *.huffingtonpost.com.au *.huffingtonpost.com *.huffingtonpost.es *.huffingtonpost.fr *.huffingtonpost.gr *.huffingtonpost.it *.huffingtonpost.jp *.huffingtonpost.kr *.huffpost.ca *.huffpost.com *.huffpost.net *.huffpostbrasil.com *.intheknow.com *.oath.com *.paas.ec.yahoo.com:4443 pnr.ouryahoo.com *.pnr.ouryahoo.com *.shopping.yahoo.com *.tw.campaign.yahoo.net *.yahoo.ca *.yahoo.com:3000 *.yahoo.com.tw *.yahoo.com enlight.yahoo.net enlight-stage.yahoo.net; font-src s.yimg.com; report-uri https://csp.yahoo.com/beacon/csp?src=embed.fireplace.yahoo.com
date: Fri, 17 Mar 2023 15:32:25 GMT
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
expires: -1
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-decorator-operation: fireplace-module-server--mtls-production-ir2.fireplace-k8s.svc.yahoo.local:4080/*
x-envoy-upstream-service-time: 2
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 jac.js Show response
openweb.jac.yahoosandbox.com/1.5.0/ 130 KB
39 KB 154ms
47ms Script
application/javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/spotIm.custom.SpotImJAC.a890015a7cd1c52f9ca06097087591ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://yahoo.com https://*.yahoo.com https://techcrunch.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors https://yahoo.com https://*.yahoo.com https://techcrunch.com
x-amz-request-id: T5B3KB40QGHRJ015
age: 10446
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: 9QVHHggvpnUR9npdXfnKJOWybRe1uCjV086rD5TU49csjHNA5pEeoHL/5KKA6Ibb3/UjsPDDqRg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H/1.1 404
Not Found __rapid-worker-1.2.js
www.rinehartfarm.com/ 548 B
696 B 53ms
53ms Other
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/__rapid-worker-1.2.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

POST
H/1.1 200
OK reporting-observer
www.rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 176ms
176ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/_td_api/beacon/reporting-observer?meta=%7B%22sourceFile%22%3Anull%2C%22lineNumber%22%3Anull%2C%22columnNumber%22%3Anull%2C%22id%22%3A%224302%22%2C%22message%22%3A%22Deprecation%20messages%20are%20stored%20in%20the%20devtools-frontend%20repo%20at%20front_end%2Fmodels%2Fissues_manager%2FDeprecationIssue.ts.%22%2C%22anticipatedRemoval%22%3Anull%7D&src=deprecation&_rdn=145549&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0&site=finance
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/tdv2-wafer-utils.19c76fb8.js
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 87cae86ffab4a825efd06a602c30563b9e29208314ba093a26a3550013358080

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST yql
udc.yahoo.com/v2/public/ 0
0

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 936E 63 KB
27 KB 48ms
48ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: K90X4YVGEX1N8A52
age: 2612910
x-amz-server-side-encryption: AES256
content-length: 27596
x-amz-id-2: +Cb1UrGGdc70ZYNBtk3W/rcHKe7M+Ir9Ex/J9Q/KOmV5fqlzp2e7rCDVXMCbP75HnXH5IymelVw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
264 B 164ms
48ms Image
image/gif 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=1183310220&c7=other%2Fchinese-bitcoin-mining-company-delivers-084958533.html&c14=-1&c8=Chinese%20Bitcoin%20Mining%20Company%20Delivers%20First%20Machines%20to%20Kazakhstan&c9=&gdpr=0&gdpr_consent=&cs_ucfr=0&ns_c=UTF-8&ns__t=1679067145686
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:25 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: 07Z5GMJFewfNn3HYP-S2uG2emNU-jTSmb-wgeDLzWyNeewGLIKdZiw==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 7DE4 63 KB
27 KB 49ms
48ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: K90X4YVGEX1N8A52
age: 2612910
x-amz-server-side-encryption: AES256
content-length: 27596
x-amz-id-2: +Cb1UrGGdc70ZYNBtk3W/rcHKe7M+Ir9Ex/J9Q/KOmV5fqlzp2e7rCDVXMCbP75HnXH5IymelVw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 68E9 63 KB
27 KB 50ms
49ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: K90X4YVGEX1N8A52
age: 2612910
x-amz-server-side-encryption: AES256
content-length: 27596
x-amz-id-2: +Cb1UrGGdc70ZYNBtk3W/rcHKe7M+Ir9Ex/J9Q/KOmV5fqlzp2e7rCDVXMCbP75HnXH5IymelVw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

POST
H/1.1 200
OK error
www.rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 269ms
269ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/_td_api/beacon/error?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Failed%20to%20fetch%22%2C%22retryCount%22%3A2%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22https%3A//embed.fireplace.yahoo.com/_rcv/remote%22%7D&stack=&connection=%7B%22downlink%22%3A9.2%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 404 px.gif
www.yahoo.com/ 0
0 216ms
71ms Image
text/html 87.248.100.216
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=1&rn=5.302580804303001
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-fp74.prod.media.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 px.gif
www.yahoo.com/ 0
0 216ms
72ms Image
text/html 87.248.100.216
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=2&rn=5.302580804303001
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-fp74.prod.media.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET quote
query1.finance.yahoo.com/v7/finance/ 0
0

POST
H/1.1 200
OK error
www.rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 279ms
279ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/_td_api/beacon/error?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A2%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/nel_ms/_rcv/remote%3Fm_id%3Dtdv2-wafer-content-list%26ctrl%3DStream%26module%3DmoreStories%26site%3Dfinance%26device%3Ddesktop%26lang%3Den-US%26region%3DUS%26bucket%3Dfinance-US-en-US-def%26rid%3Dajt4qvdhvr4fi%26m_mode%3Djson%22%7D&stack=&connection=%7B%22downlink%22%3A9.2%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

POST
H/1.1 200
OK error
www.rinehartfarm.com/_td_api/beacon/ 640 KB
120 KB 254ms
253ms Ping
text/html 213.226.126.234
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rinehartfarm.com/_td_api/beacon/error?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A2%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fm_mode%3Djson%26ctrl%3DSubscriptionMonalixa%26m_id%3Dreact-wafer-subscription%22%7D&stack=&connection=%7B%22downlink%22%3A9.2%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&rid=ajt4qvdhvr4fi&bucket=finance-US-en-US-def&device=desktop&osName=linux&browserName=firefox&browserVersion=45.0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/wf-core-1.61.3.js
Protocol: HTTP/1.1
Server: 213.226.126.234 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds-cb47696.timeweb.ru
Software: nginx /
Resource Hash: 8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

p
3p-geo.yahoo.com/
Redirect Chain

http://3p-geo.yahoo.com/p?s=1183310220&t=PBlXwRfILbbpyiT4,0.6963802396263072&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03...
https://3p-geo.yahoo.com/p?s=1183310220&t=PBlXwRfILbbpyiT4,0.6963802396263072&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%0...

43 B
73 B

479ms
74ms

Ping
image/gif

188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=PBlXwRfILbbpyiT4,0.6963802396263072&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A1031%2C%22perf_ttfb_rating%22%3A%22needs-improvement%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067145%04_ms%03849%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:26 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

Redirect headers

Date: Fri, 17 Mar 2023 15:32:25 GMT
Server: ATS
Content-Language: en
Location: https://3p-geo.yahoo.com/p?s=1183310220&t=PBlXwRfILbbpyiT4,0.6963802396263072&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A1031%2C%22perf_ttfb_rating%22%3A%22needs-improvement%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067145%04_ms%03849%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Content-Type: text/html
Cache-Control: no-store, no-cache, private, max-age=0
Connection: keep-alive
Content-Length: 8
Expires: -1

GET spark
query1.finance.yahoo.com/v7/finance/ 0
0

GET markettime
query1.finance.yahoo.com/v6/finance/ 0
0

GET
H2

200

p
3p-geo.yahoo.com/
Redirect Chain

http://3p-geo.yahoo.com/p?s=1183310220&t=7W4KP4WsNPXqZ44O,0.1488513136381282&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03...
https://3p-geo.yahoo.com/p?s=1183310220&t=7W4KP4WsNPXqZ44O,0.1488513136381282&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%0...

43 B
446 B

431ms
73ms

Ping
image/gif

188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=7W4KP4WsNPXqZ44O,0.1488513136381282&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1679%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03118%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:26 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

Redirect headers

Date: Fri, 17 Mar 2023 15:32:26 GMT
Server: ATS
Content-Language: en
Location: https://3p-geo.yahoo.com/p?s=1183310220&t=7W4KP4WsNPXqZ44O,0.1488513136381282&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1679%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03118%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Content-Type: text/html
Cache-Control: no-store, no-cache, private, max-age=0
Connection: keep-alive
Content-Length: 8
Expires: -1

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 936E 4 KB
2 KB 655ms
183ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: df8c74a629c51de014bce7844daf00de4572feb98bc1023a4010e5ab17db20e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1711
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 936E 318 KB
107 KB 517ms
46ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1857
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 936E 565 B
958 B 499ms
29ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39237
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 936E 1 KB
1 KB 501ms
32ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
x-amz-version-id: null
age: 80755
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 7DE4 4 KB
2 KB 634ms
190ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 56b39aafd32c6d5dd1bfa2663cc899b86b7b277e7bc97e79ba56df1a50f46c27

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1711
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 7DE4 318 KB
107 KB 542ms
99ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1857
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 7DE4 565 B
637 B 480ms
39ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39237
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 7DE4 1 KB
1 KB 481ms
41ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
x-amz-version-id: null
age: 80755
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 68E9 4 KB
2 KB 592ms
175ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC2|562354427&brxdSiteId=4451051&yadpos=LREC2&pos=ipemeafinancelrec2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b4a02324ddd8805824e8cb386acf7d1405bb1147c32791b4651d5a2fc17f04bd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1709
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 68E9 318 KB
107 KB 539ms
124ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1857
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 68E9 565 B
637 B 446ms
33ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39237
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 68E9 1 KB
1 KB 449ms
37ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
x-amz-version-id: null
age: 80755
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
BLOB 200
OK 9ae93cda-1b34-460f-ad02-20b044969800
http://www.rinehartfarm.com/ 61 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.rinehartfarm.com/9ae93cda-1b34-460f-ad02-20b044969800
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0dd2f7d37cfa51424fc969bde8bfa6ee89c0616ef07fb62b61732ac156bf153

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 62362
Content-Type

GET
H2

200

p
3p-geo.yahoo.com/
Redirect Chain

http://3p-geo.yahoo.com/p?s=1183310220&t=ORaOlVPbdaa2gzh5,0.0343632301022232&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03...
https://3p-geo.yahoo.com/p?s=1183310220&t=ORaOlVPbdaa2gzh5,0.0343632301022232&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%0...

43 B
97 B

202ms
79ms

Ping
image/gif

188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=ORaOlVPbdaa2gzh5,0.0343632301022232&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_pfb%031031%04A_pbp%03150%04A_psr%03488%04A_pdi%032111%04A_pdl%03635%04A_psc%0352%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03417%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:26 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

Redirect headers

Date: Fri, 17 Mar 2023 15:32:26 GMT
Server: ATS
Content-Language: en
Location: https://3p-geo.yahoo.com/p?s=1183310220&t=ORaOlVPbdaa2gzh5,0.0343632301022232&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_pfb%031031%04A_pbp%03150%04A_psr%03488%04A_pdi%032111%04A_pdl%03635%04A_psc%0352%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067146%04_ms%03417%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Content-Type: text/html
Cache-Control: no-store, no-cache, private, max-age=0
Connection: keep-alive
Content-Length: 8
Expires: -1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 68E9 79 KB
27 KB 168ms
54ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC2|562354427&brxdSiteId=4451051&yadpos=LREC2&pos=ipemeafinancelrec2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

fe4db8848e2badc0361eed7dd59b1991e2eb65d78de9cb32382a62aa41e503a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27472
x-xss-protection: 0
server: sffe
etag: "1513 / 536 of 1000 / last-modified: 1679051457"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:32:26 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 68E9 19 B
44 B 249ms
55ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,47,58581&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 68E9 43 B
70 B 75ms
54ms Image
image/gif 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926533&grp=%3F%3F%3F&nl=1679067146761&rts=1679067146637&pix=1&et=1&a=8ba2be28a5f24e7bbcb61deb4397157b&m=aXAtMTAtMjItMTIzLTEwNA..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7NjhkNzNkZGZiNDYzNDJiM2EzOTYyZTQzNGM5NGZjMjM7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTQ7OzE7MTs.&uid=y-QMHKvadE2rOWjgSaAvyxINQzh.C6qQZ.lGUZQT_JLDHD%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC2|562354427&brxdSiteId=4451051&yadpos=LREC2&pos=ipemeafinancelrec2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 68E9 69 KB
16 KB 72ms
55ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QNY8TFB7PYCQHDCT
age: 197
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: NDMdEi0S0mvv/0jWCen+WuBm368vOg3+/kKlg6XH7Map3vY18TQhBBjQIYmV17G5OPrYRZcmHzM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 936E 79 KB
27 KB 205ms
97ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

fe4db8848e2badc0361eed7dd59b1991e2eb65d78de9cb32382a62aa41e503a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27472
x-xss-protection: 0
server: sffe
etag: "1513 / 528 of 1000 / last-modified: 1679051457"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:32:26 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 936E 19 B
150 B 238ms
50ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,57630,47&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 936E 43 B
70 B 68ms
53ms Image
image/gif 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926548&grp=%3F%3F%3F&nl=1679067146767&rts=1679067146637&pix=1&et=1&a=fbada2de0c8a41efb0f680e2d2bab8f7&m=aXAtMTAtMjItMTEyLTEwNg..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7ZTdiMGI0Yzg0YjI0NGQ1Y2I1NjY5NWZmOWM0NWVkZDg7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTU7OzE7MTs.&uid=y-QMHKvadE2rOWjgSaAvyxINQzh.C6qQZ.lGUZQT_JLDHD%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 936E 69 KB
16 KB 73ms
59ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB|562354419&brxdSiteId=4451051&yadpos=LDRB&pos=ipemeafinanceldrb&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QNY8TFB7PYCQHDCT
age: 197
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: NDMdEi0S0mvv/0jWCen+WuBm368vOg3+/kKlg6XH7Map3vY18TQhBBjQIYmV17G5OPrYRZcmHzM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7DE4 79 KB
27 KB 218ms
119ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5c91e5a423b545e6cf71afe04e0888d05dbf73753666f25e1af5bc31ba8839ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27475
x-xss-protection: 0
server: sffe
etag: "1513 / 832 of 1000 / last-modified: 1679051457"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:32:26 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 7DE4 19 B
53 B 236ms
57ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58292,55938,57630,47,55859,58294,55953,58529,55940,58382,58301,58581&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 7DE4 43 B
109 B 58ms
51ms Image
image/gif 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926530&grp=%3F%3F%3F&nl=1679067146772&rts=1679067146637&pix=1&et=1&a=d2388a6c45ff40ea953c652d8055e862&m=aXAtMTAtMjItMTIxLTI0NA..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7MTg5NDUxMGRiZWVjNDk1NzlkZjE5YzUyNGU0ZmZlYjg7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTQ7OzE7MTs.&uid=y-QMHKvadE2rOWjgSaAvyxINQzh.C6qQZ.lGUZQT_JLDHD%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:26 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 7DE4 69 KB
16 KB 67ms
60ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC|562354423&brxdSiteId=4451051&yadpos=LREC&pos=ipemeafinancelrec&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QNY8TFB7PYCQHDCT
age: 197
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: NDMdEi0S0mvv/0jWCen+WuBm368vOg3+/kKlg6XH7Map3vY18TQhBBjQIYmV17G5OPrYRZcmHzM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 pubads_impl_2023031401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 68E9 397 KB
134 KB 46ms
45ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

444eb17b5e45f8497ffbba1c5d159235e8e0d6bd80a2871e83446e6f61ca9c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136981
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 08:37:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 06:31:24 GMT

GET
H2 200 pubads_impl_2023031401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 936E 397 KB
134 KB 82ms
82ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

444eb17b5e45f8497ffbba1c5d159235e8e0d6bd80a2871e83446e6f61ca9c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136981
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 08:37:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 06:31:24 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 68E9 84 B
256 B 244ms
77ms Script
text/html 34.243.115.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147078&de=458311017842&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067147078&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101864%3A26888709%3A-&zMoatBannerInfo=498041668&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830145&zMoatAlias=y402807&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=384280944&cs=0&callback=DOMlessLLDcallback_61899853
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.115.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 955ed60b4f42403984860c90db75c5e897f3845c2874e44c4f3c744229bdc44e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "e85774970afbe39f1612a375cf9d7751c2b8c7c4"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 68E9 43 B
260 B 161ms
52ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147078&de=458311017842&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067147078&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101864%3A26888709%3A-&zMoatBannerInfo=498041668&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830145&zMoatAlias=y402807&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1262620942&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:27 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 7DE4 83 B
256 B 109ms
74ms Script
text/html 34.243.115.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067147231&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101861%3A26888708%3A-&zMoatBannerInfo=498041666&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1995143250&cs=0&callback=DOMlessLLDcallback_67811590
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.115.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 9d3ec62d4604767f2f3f0a690531f98c2e0bca117efeb25d0a70a947709d7fcb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "eac5819424ba3dbaf6bb868c2f584e849a9c8f30"
content-length: 83
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 52ms
51ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067147231&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101861%3A26888708%3A-&zMoatBannerInfo=498041666&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=652922160&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:27 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 936E 83 B
255 B 72ms
71ms Script
text/html 34.243.115.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147357&de=973385629132&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067147357&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101939%3A26888735%3A-&zMoatBannerInfo=498041664&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830144&zMoatAlias=y402804&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1805788978&cs=0&callback=DOMlessLLDcallback_68777382
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.115.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: aa4e97176c42a995d917905a61e9933fa29d6f04912b3e2f9e683276a96de194

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "1931b53c50e6fd2f8e18d6168b40eaaef39c9098"
content-length: 83
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 936E 43 B
260 B 54ms
53ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147357&de=973385629132&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067147357&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101939%3A26888735%3A-&zMoatBannerInfo=498041664&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830144&zMoatAlias=y402804&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=398542682&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:27 GMT

GET
H3 200 pubads_impl_2023031501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7DE4 397 KB
134 KB 44ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

010595716a334027c86b48c191484ca1ea5f758b4c239ffdedf69919ac480c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136785
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 08:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 11:03:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 936E 107 B
531 B 168ms
53ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 936E 107 B
456 B 153ms
53ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 936E 62 KB
12 KB 342ms
342ms Fetch
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=912579993772664&correlator=3307738120434890&eid=31071363%2C31072020%2C31072878%2C31072886%2C31072893%2C31073151&output=ldjh&gdfp_req=1&vrg=2023031401&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=3540211355&sfv=1-0-40&prev_scp=ADPOSITION%3DLDRB%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067147947&dlt=1679067145463&idt=2212&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=727&ish=89&scr_x=-12245933&scr_y=-12245933&ucis=klx0hctaolf8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=www.rinehartfarm.com&frm=24&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1033510546.1679067148&ga_sid=1679067148&ga_hid=2116928593&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6a6b1b44b39e91e4b3fbdbef63f9d28f34da997f245fe9eeba6444237443c6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12734
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 936E 15 KB
11 KB 209ms
106ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ecf8ce0589030ddd4cdad1e8bda6ab78bb89aa9912aa01078b3c8ff69abfe550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11277
x-xss-protection: 0

GET
H2 200 container.html Show response
316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68BD 6 KB
3 KB 183ms
59ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:28 GMT
expires: Sat, 16 Mar 2024 15:32:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 68E9 107 B
165 B 109ms
62ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 68E9 107 B
165 B 89ms
61ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 68E9 53 KB
12 KB 331ms
330ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2287542896518469&correlator=548038626573450&eid=31072886%2C31073151&output=ldjh&gdfp_req=1&vrg=2023031401&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3803727015&sfv=1-0-40&prev_scp=ADPOSITION%3DLREC2%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067148016&dlt=1679067145580&idt=2178&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=299&ish=249&scr_x=-12245933&scr_y=-12245933&ucis=5knydehvzwbh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=www.rinehartfarm.com&frm=24&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1892248039.1679067148&ga_sid=1679067148&ga_hid=743999551&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2b8698b365967116c6d5923bd2876570010442a38bafc38a1d8f4a0c31faa4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11847
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 68E9 15 KB
12 KB 130ms
91ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

70b8bcda8f0e83b8d1c027bde67dc8ccfbf4e916e89e6cf2052904b01eeda559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11446
x-xss-protection: 0

GET
H2 200 container.html Show response
793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C6D8 6 KB
3 KB 186ms
52ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:28 GMT
expires: Sat, 16 Mar 2024 15:32:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 7DE4 107 B
165 B 57ms
53ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7DE4 107 B
165 B 61ms
60ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7DE4 21 KB
9 KB 255ms
255ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=686452993253964&correlator=4238991586833191&eid=31072020%2C31073178&output=ldjh&gdfp_req=1&vrg=2023031501&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=53201040&sfv=1-0-40&prev_scp=ADPOSITION%3DLREC%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067148251&dlt=1679067145520&idt=2356&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=299&ish=249&scr_x=-12245933&scr_y=-12245933&ucis=vl8kbq7k55t3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=www.rinehartfarm.com&frm=24&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1732835253.1679067148&ga_sid=1679067148&ga_hid=1184992115&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

97aebd5817a78473c11e44b3133e7524915b11b3fcc45a42313d46e978f19345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9688
x-xss-protection: 0
google-lineitem-id: 5832330622
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369425532
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7DE4 15 KB
11 KB 156ms
155ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

edf9650e6e7b5e9f6cbfa379ada4eeeb903f2f4ebb3bcea00c5c436ff0e5ce59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11431
x-xss-protection: 0

GET
H2 200 container.html Show response
27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DEED 6 KB
3 KB 67ms
52ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:28 GMT
expires: Sat, 16 Mar 2024 15:32:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 68E9 17 KB
7 KB 197ms
74ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:32:28 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 936E 17 KB
6 KB 191ms
85ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:32:28 GMT

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 92E1 2 KB
820 B 57ms
57ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6579
cache-control: public,max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame B99E 2 KB
810 B 50ms
50ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6579
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-10-1/html/ Frame 7FF6 2 KB
810 B 58ms
50ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 6579
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 13:42:50 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: ZjO7+EMZQebtsWCj22q0nEl3p2R62NM0Pyxv/L5BRtGWne6soFvIvF+Jzqt6Shlvd+tk+PuAjCs=
x-amz-request-id: P2567MSQ7BWRJHGB
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830142%7C0%7C225%7CAdId=11101985;BnId=3;ct=3963478407;st=19519;adcid=1;itime=562354421;reqtype=5;;impref=16775623542580318848;imprefseq=14360940497606341;imprefts=16775623...
5.ras.yahoo.com/ 1 B
34 B 152ms
145ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830142%7C0%7C225%7CAdId=11101985;BnId=3;ct=3963478407;st=19519;adcid=1;itime=562354421;reqtype=5;;impref=16775623542580318848;imprefseq=14360940497606341;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LDRB2;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402805;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830146%7C0%7C170%7CAdId=11101812;BnId=2;ct=3963478407;st=27119;adcid=1;itime=562354430;reqtype=5;;impref=16775623542580318872;imprefseq=14360940497606350;imprefts=16775623...
5.ras.yahoo.com/ 1 B
34 B 151ms
144ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830146%7C0%7C170%7CAdId=11101812;BnId=2;ct=3963478407;st=27119;adcid=1;itime=562354430;reqtype=5;;impref=16775623542580318872;imprefseq=14360940497606350;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC3;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402808;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830166%7C0%7C170%7CAdId=11101914;BnId=2;ct=3963478407;st=29575;adcid=1;itime=562354434;reqtype=5;;impref=16775623542580318883;imprefseq=14360940497606353;imprefts=16775623...
5.ras.yahoo.com/ 1 B
225 B 150ms
143ms Image
application/x-javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830166%7C0%7C170%7CAdId=11101914;BnId=2;ct=3963478407;st=29575;adcid=1;itime=562354434;reqtype=5;;impref=16775623542580318883;imprefseq=14360940497606353;imprefts=1677562354;adclntid=1004;spaceid=1183310220;adposition=LREC4;lmsid=a0V0W00000HOchMUAT;revshare=lmsid%253Aa0V0W00000HOchMUAT%253Brevsp%253Acoindesk%255F75%253Blpstaid%253A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%253Blu%253A0%253Bpct%253Astory%253Bpt%253Acontent%253Bsite%253Afinance%253Bver%253Aarticle%253Bpd%253Anon%255Fmodal;pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc;sectionid=96306051;kvrs=coindesk_75:pt:site:lu:lmsid:finance:content:pd:0:a0v0w00000hochmuat:pct:story:article:ver:58cd28cb-d225-3f64-a522-31500d475d2c:revsp:lpstaid:non_modal;kvssp=ssp;kvmn=y402809;kvhashtag=1542500:1481489:1480989:1577000;kvsecure=true;kvsecure-darla=4-10-1%7Cysd%7C1;kvticker=btc-usd;kvctopid=1542500:1481489:1480989:1577000;kvwiki_topics=kazakhstan:sichuan:provinces_of_china:public_company;kvy-bucket=finance-us-en-us-def;kvpgcolo=ir2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=linux;kvadtc_dvbrand=mozilla;kvadtc_dvtype=desktop;kvadtc_dvmodel=firefox_-_linux;kvrepo_dvosplt=linux;kvadtc_dvosversion=UNKNOWN;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK p
geo.yahoo.com/ 43 B
618 B 163ms
76ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1183310220&pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=137%2C318%2C1957%2C2187%2C0%2C0%2C88%2C140%2C69&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=6%2C11101864%2CLREC2%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C2502%2C1%2C-1%2C26888709%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALREC2%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C3%2C1%2C3%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttp%253A%2F%2Fwww.rinehartfarm.com%2C%2C1%2C2%2C3%2C0%2C0%2C-1%2C0%2C-1%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22LREC2%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLREC2%7C562354427%26brxdSiteId%3D4451051%26yadpos%3DLREC2%26pos%3Dipemeafinancelrec2%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D300%26ht%3D250%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A594%2C%22st%22%3A885%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Faka-cdn.adtechus.com%2Fmedia%2Fmoat%2Fadtechbrands092348fjlsmdhlwsl239fh3df%2Fmoatad.js%23moatClientLevel1%3D5113%26moatClientLevel2%3D374058%26moatClientLevel3%3D0%26moatClientLevel4%3D4830145%26zMoatMaster%3D11100493%26zMoatFlight%3D11101864%26zMoatBanner%3D26888709%26zURL%3Dhttps%26zMoatPlacementId%3D4830145%26zMoatAdId%3D11101864%26zMoatCreative%3D0%26zMoatBannerID%3D2%26zMoatCustomVisp%3D50%26zMoatCustomVist%3D1000%26zMoatIsAdvisGoal%3D0%26zMoatEventUrl%3Dhttps%3A%2F%2F5.ras.yahoo.com%2Fadcount%7C2.0%7C5113.1%7C4830145%7C0%7C170%7CAdId%3D11101864%3BBnId%3D2%3Bct%3D3963478407%3Bst%3D24306%3Badcid%3D1%3Bitime%3D562354427%3Breqtype%3D5%3B%3Bimpref%3D16775623542580318861%3Bimprefseq%3D14360940497606347%3Bimprefts%3D1677562354%3Badclntid%3D1004%3Bspaceid%3D1183310220%3Badposition%3DLREC2%3Blmsid%3Da0V0W00000HOchMUAT%3Brevshare%3Dlmsid%25253Aa0V0W00000HOchMUAT%25253Brevsp%25253Acoindesk%25255F75%25253Blpstaid%25253A58cd28cb%25252Dd225%25252D3f64%25252Da522%25252D31500d475d2c%25253Blu%25253A0%25253Bpct%25253Astory%25253Bpt%25253Acontent%25253Bsite%25253Afinance%25253Bver%25253Aarticle%25253Bpd%25253Anon%25255Fmodal%3Bpvid%3DCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3Bsectionid%3D96306051%3Bkvrs%3Dcoindesk%255F75%3Apt%3Asite%3Alu%3Almsid%3Afinance%3Acontent%3Apd%3A0%3Aa0v0w00000hochmuat%3Apct%3Astory%3Aarticle%3Aver%3A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%3Arevsp%3Alpstaid%3Anon%255Fmodal%3Bkvssp%3Dssp%3Bkvmn%3Dy402807%3Bkvhashtag%3D1542500%3A1481489%3A1480989%3A1577000%3Bkvsecure%3Dtrue%3Bkvsecure%252Ddarla%3D4%252D10%252D1%257Cysd%257C1%3Bkvticker%3Dbtc%252Dusd%3Bkvctopid%3D1542500%3A1481489%3A1480989%3A1577000%3Bkvwiki%255Ftopics%3Dkazakhstan%3Asichuan%3Aprovinces%255Fof%255Fchina%3Apublic%255Fcompany%3Bkvy%252Dbucket%3Dfinance%252Dus%252Den%252Dus%252Ddef%3Bkvpgcolo%3Dir2%3Bkvadtc%255Fdvmktname%3Dunknown%3Bkvadtc%255Fdvosplt%3Dlinux%3Bkvadtc%255Fdvbrand%3Dmozilla%3Bkvadtc%255Fdvtype%3Ddesktop%3Bkvadtc%255Fdvmodel%3Dfirefox%255F%252D%255Flinux%3Bkvrepo%255Fdvosplt%3Dlinux%3Bkvadtc%255Fdvosversion%3DUNKNOWN%3Bkvadtc%255Fcrmcc%3DUNKNOWN%3Bkvadtc%255Fcrmnc%3DUNKNOWN%3Bgdpr%3D0%3B%26zMoatSize%3D170%26zMoatSubNetID%3D1%26zMoatisSelected%3D0%26zMoatadServer%3Dus-pg.ras.yahoo.com%26zMoatadVisServer%3D%26zMoatSamplingRate%3D5%26zMoatliveTestCookie%3D%26zMoatRefSeqId%3DLbBAFMTBzAA%26zMoatImpRefTs%3D1677562354%26zMoatAlias%3Dy402807%26zMoatVert%3D%26zMoatBannerInfo%3D498041668%22%2C%22dur%22%3A572%2C%22st%22%3A887%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fo.aolcdn.com%2Fads%2Fadchoices.png%22%2C%22dur%22%3A451%2C%22st%22%3A889%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fo.aolcdn.com%2Fads%2Fadchoicesi.png%22%2C%22dur%22%3A450%2C%22st%22%3A888%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fservice.idsync.analytics.yahoo.com%2Fsp%2Fv0%2Fpixels%3FpixelIds%3D55940%2C58301%2C58294%2C55953%2C55936%2C58292%2C58160%2C55938%2C55859%2C58222%2C47%2C58581%26referrer%3Dfinance.yahoo.com%26limit%3D12%26us_privacy%3D%26js%3D1%26_origin%3D1%26gdpr%3D0%26euconsent%3D%22%2C%22dur%22%3A252%2C%22st%22%3A1489%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%5D%7D&t=1679067148646
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-brb71.prod.media.vip.ir2.yahoo.com
Software: ATS /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:28 GMT
server: ATS
Age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
Connection: keep-alive
content-length: 43

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame 2D8D 221 KB
61 KB 824ms
45ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Mar 2023 17:10:33 GMT
age: 339716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Mar 2024 17:10:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 2D8D 15 KB
5 KB 941ms
163ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:56:40 GMT
age: 556549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:56:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 2D8D 94 KB
28 KB 949ms
171ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 03:37:38 GMT
age: 561291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 03:37:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 2D8D 5 KB
2 KB 958ms
181ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:47:59 GMT
age: 557070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:47:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 2D8D 40 KB
13 KB 964ms
187ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Mar 2023 18:09:06 GMT
age: 595403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Mar 2024 18:09:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2D8D 4 KB
1 KB 833ms
56ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 15:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 14:52:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 15:32:29 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D8D 2 KB
3 KB 50ms
48ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 07:53:30 GMT
x-content-type-options: nosniff
server: cafe
age: 27538
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 18 Mar 2023 07:53:30 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D8D 295 B
399 B 53ms
51ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68854
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2D8D 0
0 96ms
94ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfLuvDIgUZK-QBa_D9u8Pm6uhiAaQ1J3ubr7CuLCOEbvCioX7OBABIMqc9yNg6eTJhdgaoAH27KebA8gBCakCUPnr22nXsT7gAgCoAwHIAwqqBKQCT9AON6XK2bEUo6lleVlavaQmGX494x-z0PMSDcaSqtLxVpafV2ES85tDQWjoYdC6b8HxGrk47twHmzVtjWgkuv9diXalHiED0Y9vKhRE77S-XYWZ-w_eOqARGsdlLP1XpTqvFzUL7MMssdXh7MkgwW_WdT19h5klS4k64MPxmO_0JbTBC6vUqLsY4i5I207koqhwN3tnM4VoCDoYjY-wJe0OnRBq50KpBLwIJQpmVelllBx7AvF690cJxwqxu3reYImeIwl4sJNuGawTIIA7U-A-v-F5FP8ryvahwH4Wl8CinCONniCvmSdn6mSv1dfAQ7XkXPu1KqfRYcQeC_sTeTcf0zyVRgQlCYGiSYxctS5ybunFNWRpJPtjtQhhjT_yNVF-X8AEhrSE8JkE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_KS2GSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC3jgPSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTkwNTkzMjU5MzA5NDA2ORiq3Bg&sigh=Mf6OHZMzwBg&uach_m=[UACH]&cid=CAQSGwDUE5ymJcUqsxtgCNn5GB422xXHhmwWOoqwuxgB&template_id=5000
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14218343119437884834/ Frame 2D8D 18 KB
18 KB 46ms
45ms Image
image/jpeg 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14218343119437884834/14763004658117789537?w=400&h=209

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

839bbc532e50b418067796dc2dbfee591f47b4c497d2148dcae3a28221cf83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:00:24 GMT
x-content-type-options: nosniff
age: 178324
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17940
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 07:29:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Mar 2024 14:00:24 GMT

GET
DATA 200
OK truncated
/ Frame 2D8D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D8D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc29b878d0de77b881475726149efbdc770c6eb6f4997acd482dd23b2586a855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DE4 17 KB
6 KB 56ms
55ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:32:28 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame 5A38 221 KB
60 KB 836ms
125ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Mar 2023 17:10:33 GMT
age: 339716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Mar 2024 17:10:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 5A38 15 KB
5 KB 920ms
209ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:56:40 GMT
age: 556549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:56:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 5A38 94 KB
28 KB 904ms
193ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 03:37:38 GMT
age: 561291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 03:37:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 5A38 5 KB
2 KB 909ms
199ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Mar 2023 04:47:59 GMT
age: 557070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 04:47:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 5A38 40 KB
13 KB 917ms
207ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Mar 2023 18:09:06 GMT
age: 595403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Mar 2024 18:09:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A38 8 KB
968 B 768ms
58ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 15:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 13:57:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 15:32:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A38 295 B
353 B 50ms
50ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68854
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A38 2 KB
3 KB 52ms
52ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 19:10:45 GMT
x-content-type-options: nosniff
server: cafe
age: 73303
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 17 Mar 2023 19:10:45 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A38 0
0 91ms
90ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwzbIDIgUZJuPAeiU9u8P0ZqK-A_I_6_Ab4Ofy_bWEOmymJWODhABIMqc9yNg6eTJhdgaoAGgqsrpAsgBAakCf09YgyD7qD7gAgCoAwHIAwqqBKECT9B-3nefVTRNlpOYMJHaNb8xEwaHPJy8Yfw2OTeW0z2QSY15vJCHrfgw-mb_Oj-tZ4cWgiTVANfqmCwIW0q7vPK9XhNCzrapUUUUdAHNb0-2t6swGzbWKv0g_jAxm95mSuRZHLGUPAgJBI14Z928AWgHKXhlY7-0NgDBZTOKSLdm1-88oz-blSsuIXKKH9PNGoAwMGJjarNbZcH6nOy1lVzNrWmKJMHvqGOuDatDtxHHjLRvPg9IksuHmCKCuBMJQfzX5BSqVFg5uOkgh3rVAgU-jiRnKATkpQ8H-CdGXzgpolr3qdrzsyBvq64ljnxEGQfPIN33BRMFxNtuP-CIoRIyFvjYPvl63Syj78UBt2R0h-9B0kydc9p4kzs4VzbT58AEjqbxjYgE4AQBkgUECAQYAZIFBAgFGASgBmaAB8jVtZYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQt44D0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMLiBQH0BUBgBcBshceChwIABIUcHViLTU5MDU5MzI1OTMwOTQwNjkYqtwY&sigh=DL2WY20qlA0&uach_m=[UACH]&cid=CAQSGwDUE5ymuzGvxlpZkBezp16uqpK_33yMO8Tl9BgB
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 container.html Show response
27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CDF 6 KB
3 KB 46ms
45ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:28 GMT
expires: Sat, 16 Mar 2024 15:32:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5A38 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5A38 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d7860d5f0def7ec1422ac15a605762bf80bbdb4d335d325d1dac16300faf4a3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK p
geo.yahoo.com/ 43 B
618 B 73ms
73ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1183310220&pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=137%2C318%2C1957%2C2187%2C0%2C0%2C88%2C140%2C69&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=6%2C11101939%2CLDRB%2C728x90%2C999999%2C999999%2C999999%2C0%2C0%2C2551%2C1%2C100%2C26888735%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALDRB%2C1%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C3%2C1%2C3%2C2%2C0%2C0%2C0%2C0%2C100%2C0%2C3%2Chttp%253A%2F%2Fwww.rinehartfarm.com%2C%2C1%2Ctrue%2C3%2C0%2C0%2C-1%2C0%2C-1%2C-1%2C-1%2C2789%2C2789%3B&D_res=%7B%22LDRB%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLDRB%7C562354419%26brxdSiteId%3D4451051%26yadpos%3DLDRB%26pos%3Dipemeafinanceldrb%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D728%26ht%3D90%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A656%2C%22st%22%3A867%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Faka-cdn.adtechus.com%2Fmedia%2Fmoat%2Fadtechbrands092348fjlsmdhlwsl239fh3df%2Fmoatad.js%23moatClientLevel1%3D5113%26moatClientLevel2%3D374058%26moatClientLevel3%3D0%26moatClientLevel4%3D4830144%26zMoatMaster%3D11100493%26zMoatFlight%3D11101939%26zMoatBanner%3D26888735%26zURL%3Dhttps%26zMoatPlacementId%3D4830144%26zMoatAdId%3D11101939%26zMoatCreative%3D0%26zMoatBannerID%3D2%26zMoatCustomVisp%3D50%26zMoatCustomVist%3D1000%26zMoatIsAdvisGoal%3D0%26zMoatEventUrl%3Dhttps%3A%2F%2F5.ras.yahoo.com%2Fadcount%7C2.0%7C5113.1%7C4830144%7C0%7C225%7CAdId%3D11101939%3BBnId%3D2%3Bct%3D3963478407%3Bst%3D16638%3Badcid%3D1%3Bitime%3D562354419%3Breqtype%3D5%3B%3Bimpref%3D16775623542580318841%3Bimprefseq%3D14360940497606338%3Bimprefts%3D1677562354%3Badclntid%3D1004%3Bspaceid%3D1183310220%3Badposition%3DLDRB%3Blmsid%3Da0V0W00000HOchMUAT%3Brevshare%3Dlmsid%25253Aa0V0W00000HOchMUAT%25253Brevsp%25253Acoindesk%25255F75%25253Blpstaid%25253A58cd28cb%25252Dd225%25252D3f64%25252Da522%25252D31500d475d2c%25253Blu%25253A0%25253Bpct%25253Astory%25253Bpt%25253Acontent%25253Bsite%25253Afinance%25253Bver%25253Aarticle%25253Bpd%25253Anon%25255Fmodal%3Bpvid%3DCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3Bsectionid%3D96306051%3Bkvrs%3Dcoindesk%255F75%3Apt%3Asite%3Alu%3Almsid%3Afinance%3Acontent%3Apd%3A0%3Aa0v0w00000hochmuat%3Apct%3Astory%3Aarticle%3Aver%3A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%3Arevsp%3Alpstaid%3Anon%255Fmodal%3Bkvssp%3Dssp%3Bkvmn%3Dy402804%3Bkvhashtag%3D1542500%3A1481489%3A1480989%3A1577000%3Bkvsecure%3Dtrue%3Bkvsecure%252Ddarla%3D4%252D10%252D1%257Cysd%257C1%3Bkvticker%3Dbtc%252Dusd%3Bkvctopid%3D1542500%3A1481489%3A1480989%3A1577000%3Bkvwiki%255Ftopics%3Dkazakhstan%3Asichuan%3Aprovinces%255Fof%255Fchina%3Apublic%255Fcompany%3Bkvy%252Dbucket%3Dfinance%252Dus%252Den%252Dus%252Ddef%3Bkvpgcolo%3Dir2%3Bkvadtc%255Fdvmktname%3Dunknown%3Bkvadtc%255Fdvosplt%3Dlinux%3Bkvadtc%255Fdvbrand%3Dmozilla%3Bkvadtc%255Fdvtype%3Ddesktop%3Bkvadtc%255Fdvmodel%3Dfirefox%255F%252D%255Flinux%3Bkvrepo%255Fdvosplt%3Dlinux%3Bkvadtc%255Fdvosversion%3DUNKNOWN%3Bkvadtc%255Fcrmcc%3DUNKNOWN%3Bkvadtc%255Fcrmnc%3DUNKNOWN%3Bgdpr%3D0%3B%26zMoatSize%3D225%26zMoatSubNetID%3D1%26zMoatisSelected%3D0%26zMoatadServer%3Dus-pg.ras.yahoo.com%26zMoatadVisServer%3D%26zMoatSamplingRate%3D5%26zMoatliveTestCookie%3D%26zMoatRefSeqId%3DCbBAFMTBzAA%26zMoatImpRefTs%3D1677562354%26zMoatAlias%3Dy402804%26zMoatVert%3D%26zMoatBannerInfo%3D498041664%22%2C%22dur%22%3A573%2C%22st%22%3A868%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fo.aolcdn.com%2Fads%2Fadchoicesi.png%22%2C%22dur%22%3A502%2C%22st%22%3A869%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fo.aolcdn.com%2Fads%2Fadchoices.png%22%2C%22dur%22%3A502%2C%22st%22%3A870%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fservice.idsync.analytics.yahoo.com%2Fsp%2Fv0%2Fpixels%3FpixelIds%3D55940%2C58301%2C58294%2C55953%2C55936%2C58292%2C58160%2C55938%2C55859%2C58222%2C57630%2C47%26referrer%3Dfinance.yahoo.com%26limit%3D12%26us_privacy%3D%26js%3D1%26_origin%3D1%26gdpr%3D0%26euconsent%3D%22%2C%22dur%22%3A247%2C%22st%22%3A1530%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22first-paint%22%3A2789%2C%22first-contentful-paint%22%3A2789%7D%5D%7D&t=1679067148924
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-brb71.prod.media.vip.ir2.yahoo.com
Software: ATS /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:28 GMT
server: ATS
Age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
Connection: keep-alive
content-length: 43

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 92E1 63 KB
27 KB 49ms
49ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: K90X4YVGEX1N8A52
age: 2612913
x-amz-server-side-encryption: AES256
content-length: 27596
x-amz-id-2: +Cb1UrGGdc70ZYNBtk3W/rcHKe7M+Ir9Ex/J9Q/KOmV5fqlzp2e7rCDVXMCbP75HnXH5IymelVw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame B99E 63 KB
27 KB 97ms
97ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: K90X4YVGEX1N8A52
age: 2612913
x-amz-server-side-encryption: AES256
content-length: 27596
x-amz-id-2: +Cb1UrGGdc70ZYNBtk3W/rcHKe7M+Ir9Ex/J9Q/KOmV5fqlzp2e7rCDVXMCbP75HnXH5IymelVw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-10-1/js/ Frame 7FF6 63 KB
27 KB 142ms
142ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-10-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: K90X4YVGEX1N8A52
age: 2612913
x-amz-server-side-encryption: AES256
content-length: 27596
x-amz-id-2: +Cb1UrGGdc70ZYNBtk3W/rcHKe7M+Ir9Ex/J9Q/KOmV5fqlzp2e7rCDVXMCbP75HnXH5IymelVw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
server: ATS
etag: "a84b48cbebd5379f03b1e428526ec262-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DAE 13 KB
5 KB 103ms
49ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0C58 783 B
743 B 181ms
56ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

15918f765204761c643d2e0d39fc60e07eaddbb881df11f115878c6f71b2769a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vkKhpRSnTPHX_MzePL6LmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vkKhpRSnTPHX_MzePL6LmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:29 GMT
expires: Fri, 17 Mar 2023 15:32:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C6B5 13 KB
5 KB 103ms
54ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD87 783 B
1 KB 174ms
55ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

fceb35a57280efd77522839a3be8424586eca77604b5d02d41aee13f16ba4ce3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RtK_m1tJfqAreSwAgN3aXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-RtK_m1tJfqAreSwAgN3aXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:29 GMT
expires: Fri, 17 Mar 2023 15:32:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F2C 13 KB
5 KB 70ms
62ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 209A 783 B
738 B 136ms
57ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

44f6b549a0b8cfc0643eda7af22d6d3c592f1b7e6335918b235f9f68ad2e6d48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qfhDCODistDGAB90b1QXZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-qfhDCODistDGAB90b1QXZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:29 GMT
expires: Fri, 17 Mar 2023 15:32:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 92E1 4 KB
2 KB 339ms
307ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 71b68ef61fe4a64d7d8914a428759ca0109ebebd458b9cf258d9f929fe50757d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:29 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1718
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 92E1 318 KB
107 KB 57ms
36ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1860
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 92E1 565 B
660 B 79ms
58ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39240
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 92E1 1 KB
2 KB 85ms
64ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 43200, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 80758
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
report-to: {"group": "default", "max_age": 43200, "endpoints":[{"url": "https://report.edgecast.com/nel/v0?s=QlcUD0dUXhNXDlABC1NW", "priority": 1}, {"url": "https://nelcollector.sre.ecsvc.net/report", "priority": 2}]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame 7FF6 4 KB
2 KB 322ms
302ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC4|562354434&brxdSiteId=4451051&yadpos=LREC4&pos=ipemeafinancelrec4&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 91882a111dbec666e8404ba19b8f74516939ae2b2d9304c187b5adfce509c10d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:30 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 1
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1714
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 7FF6 318 KB
107 KB 61ms
34ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1860
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 7FF6 565 B
637 B 49ms
35ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
x-amz-version-id: null
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
age: 39240
x-amz-request-id: KPNXB3V80ADW05F8
etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 7FF6 1 KB
1 KB 50ms
36ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
x-amz-version-id: null
age: 80758
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-oao.ssp.yahoo.com/admax/ Frame B99E 4 KB
2 KB 283ms
280ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC3|562354430&brxdSiteId=4451051&yadpos=LREC3&pos=ipemeafinancelrec3&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 569ea3817eb4c6220aa0bef06154b2a2e0e77dc611d91911cd14b370771837d1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:30 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 1
vary: Accept-Encoding, User-Agent
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 1712
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame B99E 318 KB
107 KB 36ms
34ms Script
application/javascript 152.199.21.65
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.65 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEA2) /
Resource Hash: 8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:58:13 GMT
server: ECAcc (wmi/FEA2)
age: 1860
x-amz-request-id: N83Q7BT1CSHEGJ63
etag: "aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 108947
x-amz-id-2: 4FzJwnADnpIDqW0Fg3y14yvuBS+MvUkWyZGvq8rc4yXhX7Np2CHqZO3N7k4ytZ085awwtIwgWkY=
x-amzn-internal-status: 304

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame B99E 565 B
639 B 32ms
30ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FEEC) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 43200, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 39240
x-amz-request-id: KPNXB3V80ADW05F8
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 565
x-amz-id-2: i1LwYjKw8rwJCV9txrNRNmOeb1h61zGTXMR4AK1Ci9FzuHXQ5fA0q1xELRb9M1DQJTDoAYUGb9U=
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FEEC)
etag: "349bad1100a940608cb9109eb2b166a2"
report-to: {"group": "default", "max_age": 43200, "endpoints":[{"url": "https://report.edgecast.com/nel/v0?s=QlcUD0dUXhNXDlABC1NW", "priority": 1}, {"url": "https://nelcollector.sre.ecsvc.net/report", "priority": 2}]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame B99E 1 KB
1 KB 35ms
33ms Image
image/png 192.229.221.24
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (wmi/FE97) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:29 GMT
x-amz-version-id: null
age: 80758
x-amz-request-id: 63K964JHTET2V5W5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: rnOiQZNwy6TwWtcf76cUh1HLDco/BqeWv1GOQkxa7L7uBJpb6uqnHuMUzm8GbVcvT+IGQhLIL7U=
x-amzn-internal-status: 304
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (wmi/FE97)
etag: "eec84c9335d53d358f4b61c925c376e9"
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3CDF 24 KB
6 KB 47ms
46ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com
URL: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Mar 2024 00:05:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CDF 158 KB
49 KB 279ms
174ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com
URL: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H/1.1 200
OK p
geo.yahoo.com/ 43 B
618 B 83ms
82ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1183310220&pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=137%2C318%2C1957%2C2187%2C0%2C0%2C88%2C140%2C69&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=6%2C11101861%2CLREC%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C2836%2C1%2C-1%2C26888708%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALREC%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C4%2C1%2C4%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttp%253A%2F%2Fwww.rinehartfarm.com%2C%2C1%2C2%2C3%2C0%2C0%2C-1%2C0%2C-1%2C-1%2C-1%2C3006%2C3006%3B&D_res=%7B%22LREC%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLREC%7C562354423%26brxdSiteId%3D4451051%26yadpos%3DLREC%26pos%3Dipemeafinancelrec%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D300%26ht%3D250%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A637%2C%22st%22%3A879%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Faka-cdn.adtechus.com%2Fmedia%2Fmoat%2Fadtechbrands092348fjlsmdhlwsl239fh3df%2Fmoatad.js%23moatClientLevel1%3D5113%26moatClientLevel2%3D374058%26moatClientLevel3%3D0%26moatClientLevel4%3D4830165%26zMoatMaster%3D11100493%26zMoatFlight%3D11101861%26zMoatBanner%3D26888708%26zURL%3Dhttps%26zMoatPlacementId%3D4830165%26zMoatAdId%3D11101861%26zMoatCreative%3D0%26zMoatBannerID%3D2%26zMoatCustomVisp%3D50%26zMoatCustomVist%3D1000%26zMoatIsAdvisGoal%3D0%26zMoatEventUrl%3Dhttps%3A%2F%2F5.ras.yahoo.com%2Fadcount%7C2.0%7C5113.1%7C4830165%7C0%7C170%7CAdId%3D11101861%3BBnId%3D2%3Bct%3D3963478407%3Bst%3D21815%3Badcid%3D1%3Bitime%3D562354423%3Breqtype%3D5%3B%3Bimpref%3D16775623542580318853%3Bimprefseq%3D14360940497606344%3Bimprefts%3D1677562354%3Badclntid%3D1004%3Bspaceid%3D1183310220%3Badposition%3DLREC%3Blmsid%3Da0V0W00000HOchMUAT%3Brevshare%3Dlmsid%25253Aa0V0W00000HOchMUAT%25253Brevsp%25253Acoindesk%25255F75%25253Blpstaid%25253A58cd28cb%25252Dd225%25252D3f64%25252Da522%25252D31500d475d2c%25253Blu%25253A0%25253Bpct%25253Astory%25253Bpt%25253Acontent%25253Bsite%25253Afinance%25253Bver%25253Aarticle%25253Bpd%25253Anon%25255Fmodal%3Bpvid%3DCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3Bsectionid%3D96306051%3Bkvrs%3Dcoindesk%255F75%3Apt%3Asite%3Alu%3Almsid%3Afinance%3Acontent%3Apd%3A0%3Aa0v0w00000hochmuat%3Apct%3Astory%3Aarticle%3Aver%3A58cd28cb%252Dd225%252D3f64%252Da522%252D31500d475d2c%3Arevsp%3Alpstaid%3Anon%255Fmodal%3Bkvssp%3Dssp%3Bkvmn%3Dy402806%3Bkvhashtag%3D1542500%3A1481489%3A1480989%3A1577000%3Bkvsecure%3Dtrue%3Bkvsecure%252Ddarla%3D4%252D10%252D1%257Cysd%257C1%3Bkvticker%3Dbtc%252Dusd%3Bkvctopid%3D1542500%3A1481489%3A1480989%3A1577000%3Bkvwiki%255Ftopics%3Dkazakhstan%3Asichuan%3Aprovinces%255Fof%255Fchina%3Apublic%255Fcompany%3Bkvy%252Dbucket%3Dfinance%252Dus%252Den%252Dus%252Ddef%3Bkvpgcolo%3Dir2%3Bkvadtc%255Fdvmktname%3Dunknown%3Bkvadtc%255Fdvosplt%3Dlinux%3Bkvadtc%255Fdvbrand%3Dmozilla%3Bkvadtc%255Fdvtype%3Ddesktop%3Bkvadtc%255Fdvmodel%3Dfirefox%255F%252D%255Flinux%3Bkvrepo%255Fdvosplt%3Dlinux%3Bkvadtc%255Fdvosversion%3DUNKNOWN%3Bkvadtc%255Fcrmcc%3DUNKNOWN%3Bkvadtc%255Fcrmnc%3DUNKNOWN%3Bgdpr%3D0%3B%26zMoatSize%3D170%26zMoatSubNetID%3D1%26zMoatisSelected%3D0%26zMoatadServer%3Dus-pg.ras.yahoo.com%26zMoatadVisServer%3D%26zMoatSamplingRate%3D5%26zMoatliveTestCookie%3D%26zMoatRefSeqId%3DIbBAFMTBzAA%26zMoatImpRefTs%3D1677562354%26zMoatAlias%3Dy402806%26zMoatVert%3D%26zMoatBannerInfo%3D498041666%22%2C%22dur%22%3A586%2C%22st%22%3A880%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fo.aolcdn.com%2Fads%2Fadchoices.png%22%2C%22dur%22%3A487%2C%22st%22%3A882%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fo.aolcdn.com%2Fads%2Fadchoicesi.png%22%2C%22dur%22%3A482%2C%22st%22%3A881%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fpvsid%3D686452993253964%26correlator%3D4238991586833191%26eid%3D31072020%252C31073178%26output%3Dldjh%26gdfp_req%3D1%26vrg%3D2023031501%26ptt%3D17%26impl%3Dfif%26gdpr_consent%3Dtcunavailable%26gdpr%3D0%26tcfe%3D3%26iu_parts%3D121124594%252Cad-exchange-gpt%252Cyahoo-nonmail%26enc_prev_ius%3D%252F0%252F1%252F2%26prev_iu_szs%3D300x250%26ifi%3D1%26adks%3D53201040%26sfv%3D1-0-40%26prev_scp%3DADPOSITION%253DLREC%2526SITEID%253D222418%26eri%3D4%26sc%3D1%26cdm%3Ds.yimg.com%26abxe%3D1%26dt%3D1679067148251%26dlt%3D1679067145520%26idt%3D2356%26adxs%3D0%26adys%3D14%26biw%3D-12245933%26bih%3D-12245933%26isw%3D299%26ish%3D249%26scr_x%3D-12245933%26scr_y%3D-12245933%26ucis%3Dvl8kbq7k55t3%26oid%3D2%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26bc%3D23%26nvt%3D1%26nhd%3D1%26url%3Dhttps%253A%252F%252Ffinance.yahoo.com%252Fnews%252Fchinese-bitcoin-mining-company-delivers-084958533.html%26loc%3Dhttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-10-1%252Fhtml%252Fr-sf.html%26top%3Dwww.rinehartfarm.com%26frm%3D24%26vis%3D1%26psz%3D300x0%26msz%3D300x0%26fws%3D256%26ohw%3D0%26ea%3D0%26ga_vid%3D1732835253.1679067148%26ga_sid%3D1679067148%26ga_hid%3D1184992115%26ga_fc%3Dfalse%22%2C%22dur%22%3A258%2C%22st%22%3A2966%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22first-paint%22%3A3006%2C%22first-contentful-paint%22%3A3006%7D%5D%7D&t=1679067149862
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-brb71.prod.media.vip.ir2.yahoo.com
Software: ATS /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:29 GMT
server: ATS
Age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
Connection: keep-alive
content-length: 43

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5A38 28 KB
28 KB 191ms
50ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s.yimg.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 167219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2D8D 16 KB
16 KB 237ms
100ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s.yimg.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 169780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:22:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2D8D 15 KB
15 KB 241ms
110ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s.yimg.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 91614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 14:05:36 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 68ms
67ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=2735&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=46&cd=0&ah=46&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=2060668902&cs=0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CDF 0
0 106ms
106ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv77tgVIfImDf1JP21uOBP0dHZGw39z7Bus8GZ1qENg_O2JnxsU3fhnVAiPctQ78bOg76BtE6PAZMJ8bhHDgedd1LYogTS1oibpVgwLha8f_IdBHNu-U2gStZEq2Bnq4SzjqLwWCrbziYpWwOwF4VkOQtiWlIHUIkm76PAvcR5bZdoep84GRQ9f7p1jQVzAXuPxDdKL0ESkV4auzk1NID4AdGUlb-azH6l-JIqk1wXqVJytet0Xdk_57yc9p86Zayey24FlhrOXh4LrFB1OIPan7P4JDEoRNjRisNtQDqkd93AnX8eAAXee9eQctHIBkJnmiYOh0rOWv6kOgholov9li7A&sai=AMfl-YQb1dJf9_29aiumb3ZrBr9mFYsGpV52Wensp5tyXXctiFcZBPze-2n-oq8b3XFSgQ4zvmDOcyDUesjBLZ0&sig=Cg0ArKJSzBs7BEkKsfkYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com
URL: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s.yimg.com/cv/apiv2/default/houseAdsExchange/ Frame ED74 5 KB
2 KB 48ms
48ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/default/houseAdsExchange/index.html?geo=uk&size=300x250

Requested by

Host: 27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com
URL: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d28377f1af0c55467353355bf408fc6faf7d9de21ddbf99513ccade70a2ea7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 49
cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Fri, 17 Mar 2023 15:31:42 GMT
etag: "2387eef8fb3705efb7ac06493666e5c0-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Tue, 18 Aug 2020 14:24:50 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Origin
x-amz-id-2: yyHI45nqj6QZ5NH2BCWyVd7GfhQrfKw+emN5zGWXBJfz9TgApQDnBXVVhF/y+v/1f9nThKKCaHg=
x-amz-request-id: SVGTE2R2XPGMH3S9
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5A38
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

167ms
56ms

Image
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 15:32:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 58ms
56ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=37&q=0&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=3052&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=164&cn=0&gk=164&gl=0&ik=164&ic=164&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=46&cd=46&ah=46&am=46&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=965117479&cs=0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 92E1 79 KB
27 KB 86ms
85ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5c91e5a423b545e6cf71afe04e0888d05dbf73753666f25e1af5bc31ba8839ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27475
x-xss-protection: 0
server: sffe
etag: "1513 / 856 of 1000 / last-modified: 1679051457"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 92E1 19 B
76 B 65ms
64ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,57630,58309&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 92E1 43 B
70 B 63ms
62ms Image
image/gif 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926551&grp=%3F%3F%3F&nl=1679067149993&rts=1679067149764&pix=1&et=1&a=229e1aebb9d84c70bc49d8122117cbaa&m=aXAtMTAtMjItMTIxLTI0NA..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7YzhhYzNiMzUwZjBhNDM4Y2JjMzdlOThlNjMxMjZjZTA7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTU7OzE7MTs.&uid=y-QMHKvadE2rOWjgSaAvyxINQzh.C6qQZ.lGUZQT_JLDHD%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&bkts=NDIjMTYx&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 92E1 69 KB
16 KB 50ms
49ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LDRB2|562354421&brxdSiteId=4451051&yadpos=LDRB2&pos=ipemeafinanceldrb2&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=728&ht=90&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QNY8TFB7PYCQHDCT
age: 201
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: NDMdEi0S0mvv/0jWCen+WuBm368vOg3+/kKlg6XH7Map3vY18TQhBBjQIYmV17G5OPrYRZcmHzM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A38 2 KB
2 KB 47ms
47ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 19:10:45 GMT
x-content-type-options: nosniff
server: cafe
age: 73305
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 17 Mar 2023 19:10:45 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A38 295 B
319 B 81ms
81ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 68856
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 17 Mar 2023 20:24:54 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7FF6 78 KB
27 KB 113ms
113ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC4|562354434&brxdSiteId=4451051&yadpos=LREC4&pos=ipemeafinancelrec4&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c893d71d5cfbf9c9a691589c30003d348c0b1ed93c5baf09fa6dfb27dc3c2fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27272
x-xss-protection: 0
server: sffe
etag: "1513 / 769 of 1000 / last-modified: 1679051457"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 7FF6 19 B
53 B 61ms
53ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,47,58529&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC4|562354434&brxdSiteId=4451051&yadpos=LREC4&pos=ipemeafinancelrec4&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 7FF6 43 B
70 B 63ms
55ms Image
image/gif 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926539&grp=%3F%3F%3F&nl=1679067150052&rts=1679067149815&pix=1&et=1&a=b3ca5081e5a14e8ba6fd9f9979190ab3&m=aXAtMTAtMjItMTEyLTEwNg..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7NTEyNmRjYzA2MjEyNGMwZDg2NWRlZTkxNzM0MWUxZDU7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTQ7OzE7MTs.&uid=y-QMHKvadE2rOWjgSaAvyxINQzh.C6qQZ.lGUZQT_JLDHD%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC4|562354434&brxdSiteId=4451051&yadpos=LREC4&pos=ipemeafinancelrec4&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 7FF6 69 KB
16 KB 76ms
70ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC4|562354434&brxdSiteId=4451051&yadpos=LREC4&pos=ipemeafinancelrec4&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QNY8TFB7PYCQHDCT
age: 201
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: NDMdEi0S0mvv/0jWCen+WuBm368vOg3+/kKlg6XH7Map3vY18TQhBBjQIYmV17G5OPrYRZcmHzM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B99E 79 KB
27 KB 107ms
104ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC3|562354430&brxdSiteId=4451051&yadpos=LREC3&pos=ipemeafinancelrec3&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

31665c7c01527083a4492b70d9a202462499a041939f3cc381e02ec1939efd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27471
x-xss-protection: 0
server: sffe
etag: "1513 / 115 of 1000 / last-modified: 1679051351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame B99E 19 B
44 B 59ms
54ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58301,58294,55953,55936,58292,58160,55938,55859,58222,58309,47&referrer=finance.yahoo.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC3|562354430&brxdSiteId=4451051&yadpos=LREC3&pos=ipemeafinancelrec3&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame B99E 43 B
70 B 60ms
56ms Image
image/gif 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770829463&dcn=brxd3223532&posi=926536&grp=%3F%3F%3F&nl=1679067150052&rts=1679067149834&pix=1&et=1&a=5c4c544731a64e84b99ceedc05181181&m=aXAtMTAtMjItMTEwLTI0MQ..&b=MTMxMjM7RU1FQSAtIEFkWCBQYXNzYmFjazs_Pz87Ozs7Y2NhYmNkYzBkYmRmNGRjZDgxNDUzMjQ0ZjM3ODgyZWI7Mjk0NjMzMjI7MTY3OTA2MzU1OTs7MDs7MDs7cGFzc2JhY2stMTI3MTQ7OzE7MTs.&uid=y-QMHKvadE2rOWjgSaAvyxINQzh.C6qQZ.lGUZQT_JLDHD%7EA&tsrctype=2&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxQT0w.&af=7&brxdPublisherId=20459933223&brxdSiteId=4451051&brxdSectionId=96306051&dety=5
Requested by: Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC3|562354430&brxdSiteId=4451051&yadpos=LREC3&pos=ipemeafinancelrec3&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
last-modified: Thu, 16 Mar 2023 14:12:32 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame B99E 69 KB
16 KB 102ms
98ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: web-oao.ssp.yahoo.com
URL: https://web-oao.ssp.yahoo.com/admax/adServe.do?brxdSectionId=96306051&brxdPublisherId=20459933223&ypubblob=lmsid:a0V0W00000HOchMUAT;revsp:coindesk_75;lpstaid:58cd28cb-d225-3f64-a522-31500d475d2c;lu:0;pct:story;pt:content;site:finance;ver:article;pd:non_modal|Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc|1183310220|LREC3|562354430&brxdSiteId=4451051&yadpos=LREC3&pos=ipemeafinancelrec3&ybkt=_BUCKETID_&us_privacy=&gdpr=0&euconsent=&gpp=&gpp_sid=&wd=300&ht=250&of=js&csrtype=3&req(url)=https://finance.yahoo.com/news/chinese-bitcoin-mining-company-delivers-084958533.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QNY8TFB7PYCQHDCT
age: 201
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: NDMdEi0S0mvv/0jWCen+WuBm368vOg3+/kKlg6XH7Map3vY18TQhBBjQIYmV17G5OPrYRZcmHzM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DAE 36 KB
14 KB 181ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame C6B5 36 KB
14 KB 200ms
67ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F2C 36 KB
14 KB 171ms
50ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CDF 0
0 175ms
81ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss30qc4pdA5Ky4ahLwZtBM84ya7Y0x0Lhiq7aK1f7BabWtkJ3gIwRIU65RJI8_HGRatdYsw78rh9Z3U_38McFubVGGwgLnp308g0A-LoB_Bg3G5id7UJ6f8qcxSkqNniZ-e0DV_NrvWK2UNq9HBOxLRl4zJz3oHm-zKv3SP2kAc1xS6kteT2vflFdVmVp9kQxvZhmtCA-wpwEdwj9Z42KW-bMxpfG1qmjJ3tH-xGK2KZ-Asmg_C1pUb4iyM-OfY96yPRaXzo5Hv-NmsvBWs1YyjgHH0AXQ8za5qG80_JWirH0aR1n4NZiQGPs7O7bjn7mad_A5H7e-Qk0jP5hJc1Mjl2Y-VGw&sai=AMfl-YT3IauvRw2ct8OcJ0ARUpOO5jClolJug6NVGNYuiL9kKX9oKc4cWR5DOUm7sJBqs1qGHT5o5-2SBHoVUnI&sig=Cg0ArKJSzKFvplhdJWREEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
DATA 200
OK truncated
/ Frame 3CDF 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec63d3cee297fa15b6e36ca69114f908ecbfe7c89f4e0625a84f6eb3d4dc29d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads.js Show response
s.yimg.com/cv/apiv2/default/houseAdsExchange/ Frame ED74 40 KB
3 KB 53ms
50ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/default/houseAdsExchange/ads.js?cb=1679067151

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/cv/apiv2/default/houseAdsExchange/index.html?geo=uk&size=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d1d43bc5e2499d449c36abb0db438f7f5b7e58b44c568d351c2e0a8cd1bf56d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/cv/apiv2/default/houseAdsExchange/index.html?geo=uk&size=300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: KN9W5NWEF3GQVQ0J
age: 3525
x-amz-server-side-encryption: AES256
x-amz-id-2: u2t+Ptt2jdY/zoblkdfkKmbJbF/SVxNzD6XmEJ2itG3n5W38RYnSZtR1lLsF8XV10g6cGS0WNLs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Mar 2023 12:39:04 GMT
server: ATS
etag: "cd1384e79512cf4ba682a169951cc16d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H3 200 pubads_impl_2023031501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 92E1 397 KB
134 KB 45ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

010595716a334027c86b48c191484ca1ea5f758b4c239ffdedf69919ac480c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136785
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 08:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 11:03:55 GMT

GET
H3 200 pubads_impl_2023031301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B99E 397 KB
134 KB 52ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 12:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136873
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Mar 2024 12:48:18 GMT

GET
H3 200 pubads_impl_2023031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7FF6 396 KB
133 KB 64ms
63ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 11:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136618
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:37:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Mar 2024 11:05:23 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 92E1 83 B
255 B 72ms
71ms Script
text/html 34.243.115.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150785&de=698571943793&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067150785&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101985%3A26888736%3A-&zMoatBannerInfo=498041662&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1206018310&cs=0&callback=DOMlessLLDcallback_41767345
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.115.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 6f7a221421a9db31bf31276a2f25df81368ab815ec5f822b1d917af2647b2596

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:30 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "f581eaac9136e1fe4ceb1038becd3fc533240d8d"
content-length: 83
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 92E1 43 B
260 B 62ms
61ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150785&de=698571943793&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067150785&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101985%3A26888736%3A-&zMoatBannerInfo=498041662&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=884617326&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 7FF6 84 B
256 B 190ms
190ms Script
text/html 34.243.115.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150920&de=523733359860&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067150920&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101914%3A26888711%3A-&zMoatBannerInfo=498041672&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1862015021&cs=0&callback=DOMlessLLDcallback_39679417
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.115.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 9b0f5bd19b94b9bb307b1c49ec849938d78679587c2d714cca8c27ff3a4a3cba

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "e4f559c0b5d7955b7c0eb532e2f2f8260f44a406"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7FF6 43 B
260 B 51ms
51ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150920&de=523733359860&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067150920&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101914%3A26888711%3A-&zMoatBannerInfo=498041672&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=786050389&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:30 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame B99E 82 B
253 B 78ms
77ms Script
text/html 34.243.115.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150983&de=923361839278&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1679067150983&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101812%3A26888710%3A-&zMoatBannerInfo=498041670&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1315206755&cs=0&callback=DOMlessLLDcallback_60452923
Requested by: Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.115.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-115-23.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 96f838c93651f504f8c24a5c7b43058ee9aa1e30b2320b0275c701bc0211d01f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "911205bd352e8d2e259e8c252e22b043eef5d2cc"
content-length: 82
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
apx.moatads.com/ Frame B99E 43 B
260 B 51ms
50ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150983&de=923361839278&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1679067150983&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101812%3A26888710%3A-&zMoatBannerInfo=498041670&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1332858655&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:31 GMT

GET
H2 200 UK_Yahoo_WhiteWineQuestiontime_300x250.html Show response
s.yimg.com/cv/apiv2/default/HouseAds/UK/20200522/HTML/ Frame A04D 259 B
495 B 49ms
49ms Document
text/html 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/default/HouseAds/UK/20200522/HTML/UK_Yahoo_WhiteWineQuestiontime_300x250.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/cv/apiv2/default/houseAdsExchange/index.html?geo=uk&size=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

6aeefa6462f12c949256e6eedae1aaa00c39e26d3c5c0a29f447e298dd8d3eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/cv/apiv2/default/houseAdsExchange/index.html?geo=uk&size=300x250
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 622697
cache-control: max-age=31536000
content-length: 259
content-type: text/html
date: Fri, 10 Mar 2023 10:34:16 GMT
etag: "1b21b0c64ea2ec37fad89674c2f1337b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Fri, 22 May 2020 11:59:28 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin
x-amz-id-2: DpdhUdqo1Tb1E/Yh/73tGazhsC1julGHJ5ikKwRHdvjNWdhzK9KPlqSQMvPsnNLeU+Jop0tnjUQ=
x-amz-request-id: 1C65WFXY441C6Z32
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 50ms
49ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=37&q=1&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=4197&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=1311&cn=164&gn=1&gk=1311&gl=164&ik=1311&ic=1311&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1205&cd=46&ah=1205&am=46&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1766374296&cs=0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 92E1 107 B
122 B 53ms
53ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 92E1 107 B
122 B 53ms
53ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 92E1 19 KB
9 KB 337ms
337ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2993873594767416&correlator=1455580222191215&eid=31072029%2C31072879%2C31073178%2C31073204&output=ldjh&gdfp_req=1&vrg=2023031501&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2919979242&sfv=1-0-40&prev_scp=ADPOSITION%3DLDRB2%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067151464&dlt=1679067148884&idt=2323&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=728&ish=90&scr_x=-12245933&scr_y=-12245933&ucis=ddljli89pq5w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=www.rinehartfarm.com&frm=24&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1425467741.1679067151&ga_sid=1679067151&ga_hid=1154060573&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2886e7730a496ea348ef11f6b77bc48c78872904306ca1c314cf465f650726d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8856
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A2B 6 KB
3 KB 71ms
55ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:31 GMT
expires: Sat, 16 Mar 2024 15:32:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.pl/adsid/ Frame B99E 107 B
122 B 55ms
55ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B99E 107 B
122 B 56ms
56ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B99E 20 KB
9 KB 314ms
311ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1553720110423206&correlator=3950784706420798&eid=31072020%2C31073112%2C31073196%2C44769662&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3343594225&sfv=1-0-40&prev_scp=ADPOSITION%3DLREC3%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067151528&dlt=1679067148896&idt=2401&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=7q5brl7dd5j6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=www.rinehartfarm.com&frm=24&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=641671137.1679067152&ga_sid=1679067152&ga_hid=1217700078&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c730dcc6034e3953cdd2ad7e1769dd692c43a2ee57c2b8b62c0a10f61755b4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8968
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 65CB 6 KB
3 KB 97ms
54ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:31 GMT
expires: Sat, 16 Mar 2024 15:32:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 7FF6 107 B
122 B 54ms
54ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7FF6 107 B
122 B 52ms
52ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7FF6 20 KB
9 KB 271ms
270ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1153669148437824&correlator=2764003610827239&eid=31072879%2C31073179%2C31071975&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fif&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=121124594%2Cad-exchange-gpt%2Cyahoo-nonmail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4093080913&sfv=1-0-40&prev_scp=ADPOSITION%3DLREC4%26SITEID%3D222418&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1679067151638&dlt=1679067148907&idt=2442&adxs=0&adys=14&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=gv91off7u8yg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&top=www.rinehartfarm.com&frm=24&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=256918436.1679067152&ga_sid=1679067152&ga_hid=1399063763&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

03518aada5ecf33e70801c928b493a96329cd2f787200470581acf2958737817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9AF 6 KB
3 KB 85ms
53ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:31 GMT
expires: Sat, 16 Mar 2024 15:32:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UK-static_WhiteWineQuestionTime_ListenNow_300x250.jpg
s.yimg.com/cv/apiv2/default/HouseAds/UK/20200521/Yahoo/ Frame A04D 69 KB
69 KB 49ms
49ms Image
image/jpeg 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/cv/apiv2/default/HouseAds/UK/20200521/Yahoo/UK-static_WhiteWineQuestionTime_ListenNow_300x250.jpg

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/cv/apiv2/default/HouseAds/UK/20200522/HTML/UK_Yahoo_WhiteWineQuestiontime_300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 Meath, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

c367c34df7f218533f2f60eba8b46dfb29926b357126608d18a8d1ff08eb1018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/cv/apiv2/default/HouseAds/UK/20200522/HTML/UK_Yahoo_WhiteWineQuestiontime_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 23:35:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AJ31N86KKTR8A3WV
age: 1094246
x-amz-server-side-encryption: AES256
content-length: 70321
x-amz-id-2: Z13ZKb+vrvMeFuvLsUQOrF/oZnAPIYj0QBuHf5viIZj36us5b55y2bj0vebcX7dXByWFSGfpXuQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 May 2020 10:20:44 GMT
server: ATS
etag: "d261ff3c3c506f6b68b65ea8389c390f"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CDF 42 B
64 B 81ms
80ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6gLhaCqjMNhlfftZpG1JlQqIC4GoUXO-DxD4LNPdRl57g_78vVpyhrWAYWMffR2ikhByU5NcGlOyxp6E8S5IRbRJeViUON5eHDuM6VYWLcYVjnXgT&sig=Cg0ArKJSzDTjEZdEUwkiEAE&id=lidar2&mcvt=1231&p=0,0,250,300&mtos=1231,1231,1231,1231,1231&tos=1231,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=53201040&rs=4&la=0&cr=0&vs=4&r=v&rst=1679067148847&rpt=1641&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5A38 42 B
64 B 80ms
80ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlkPIqg6K27giWZZu_J_ZVB21LgZ8lSAkpGKrREgdexuvWAvUsq56cZGcwvqGKmaO_ohZqPFim6n8jSO0K5hWZhn7IBKb8By5pvT3l-KaK058qkuI4Ec-1dszIwVmIxVr8-hU&sai=AMfl-YQWfDqhIEb81tscSkMbjc9IN1e_VWxu3MZqYQGp2zUGGLV4FE8OK3_nbHmOEMr8LuffRcnc9tjB24-o&sig=Cg0ArKJSzJ3Z6u1xoUb6EAE&cid=CAQSGwDUE5ymuzGvxlpZkBezp16uqpK_33yMO8Tl9BgB&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1086&mtos=0,0,1086,1086,1086&tos=0,0,1086,0,0&tfs=1895&tls=2981&g=100&h=100&tt=2981&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 51ms
51ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=5&q=0&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=4203&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=1311&cn=1311&gn=1&gk=1311&gl=1311&ik=1311&ic=1311&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1205&cd=1205&ah=1205&am=1205&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1761271635&cs=0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:31 GMT

GET
H3 200 container.html Show response
f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 285C 6 KB
3 KB 50ms
49ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:31 GMT
expires: Sat, 16 Mar 2024 15:32:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5AE 6 KB
3 KB 46ms
46ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:31 GMT
expires: Sat, 16 Mar 2024 15:32:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 211A 6 KB
3 KB 51ms
45ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:31 GMT
expires: Sat, 16 Mar 2024 15:32:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 63ms
56ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=37&q=2&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=4206&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=1311&cn=1311&gn=1&gk=1311&gl=1311&ik=1311&ic=1311&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1205&cd=1205&ah=1205&am=1205&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=662960116&cs=0
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 92E1 43 B
260 B 51ms
51ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Ff5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150785&de=698571943793&cu=1679067150785&m=1336&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=98&le=1&lf=527&lg=1&lh=229&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=335&cd=0&ah=335&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101985%3A26888736%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041662&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1230645296&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8DAE 0
10 B 43ms
43ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ajNAWw
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7F2C 0
10 B 43ms
43ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?W0Gr2w
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D60C 645 B
321 B 86ms
83ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNVKki-sejuDbZ9jMulpFvouRjttjoGZVEDeGYPWb032Us45m1sXPBtbgpTHmNMn32ViZiDmnJ-0dAtj7zF0vTX1YruJof4RgD5glMQJ82cBa59L2-Y

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 285C 78 KB
27 KB 97ms
97ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 285C 42 B
63 B 80ms
79ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnIjhdXycw93-_mUb-Ovfq0-Ujoeo-RSm1IKhNsYXeSPJZnXaQZzo3xrjiE5WUoYPatowFTkcGsDE1og5V3u_sAsEo-87o2SpQbPWOncak6RHVinU

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 285C 0
20 B 90ms
87ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9419217065652593571&x=1&ct=77

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 285C 3 KB
1 KB 47ms
43ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 285C 20 KB
8 KB 47ms
44ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 285C 158 KB
48 KB 58ms
56ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C6B5 0
10 B 45ms
45ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8RmY0A
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A798 668 B
313 B 83ms
82ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWkQEhcglnHn3s3_MV-8aSkur7NwMzAKdSsDlH-Ft19fcEuaEMR2gKbkkk-MxPVfOtUghsSzKHc_KSTvTPAxfwCcMXikkbwMZwG9Mdf6HGmZ-VoXEs

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 246
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D5AE 78 KB
27 KB 179ms
178ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5AE 42 B
63 B 88ms
87ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXK14Zwelx_L07gWbdAyBFu_y7v-bw3CwZLexzLGyWhRguvsyZFaDoIG81xwekPqEjwSg1D7VFfZ8ODkmEF60ud5IJvpiNLLLZv7fNKBBG2yDGO2M

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5AE 0
20 B 88ms
87ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13098166238546232863&x=1&ct=77

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D5AE 3 KB
1 KB 45ms
43ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D5AE 20 KB
8 KB 46ms
45ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5AE 158 KB
48 KB 58ms
57ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1001 503 B
218 B 103ms
88ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWQcPU-u05K52oXQbVld25bSaKKjJT7Y_3mL5kq8Cs8iFlIR5Mv-kaQb0vQxfA_n6fcN_z2u1--sbrS_-q4tnKPgAlMUllFzxBtOvQB1J8LSQcVDCk

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 198
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 211A 78 KB
27 KB 154ms
140ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 211A 42 B
63 B 93ms
78ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyoOsBzBHjZdS_fFS33yK0mFncJGi0QVocfpM2IJg2iyEZPEXvZ0tQCJ_HzYS93FFIAkWBgj0xDK0bSIz4U8-PhEHHjk39MyZcj-6LGQzLdfiUEyE

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 211A 0
20 B 94ms
80ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14495044957231168393&x=1&ct=77

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 211A 3 KB
1 KB 60ms
45ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 211A 20 KB
8 KB 65ms
50ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 13:25:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 211A 0
0 70ms
55ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkXwPcFYJak7xaLef1_VdIOyKZvF-IdKDB6KVpGQVeOgU0vhJGSx2SzqZRfa4NwgWBgS71kcyDeNj8OZUzDESYcVlwDg
Requested by: Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 211A 158 KB
48 KB 72ms
56ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7FF6 43 B
260 B 53ms
50ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fda01d550c5d48615848150885a12d039.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150920&de=523733359860&cu=1679067150920&m=1367&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=586&lg=1&lh=155&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=150&cd=0&ah=150&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101914%3A26888711%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041672&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1061462645&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame B99E 43 B
260 B 51ms
50ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150983&de=923361839278&cu=1679067150983&m=1361&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=429&lg=1&lh=110&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=218&cd=0&ah=218&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101812%3A26888710%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041670&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=2077299549&cs=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D60C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0

43 B
766 B

107ms
50ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNVKki-sejuDbZ9jMulpFvouRjttjoGZVEDeGYPWb032Us45m1sXPBtbgpTHmNMn32ViZiDmnJ-0dAtj7zF0vTX1YruJof4RgD5glMQJ82cBa59L2-Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D60C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBSIEIDcoouT-gBojmZysAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0

43 B
766 B

59ms
56ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNVKki-sejuDbZ9jMulpFvouRjttjoGZVEDeGYPWb032Us45m1sXPBtbgpTHmNMn32ViZiDmnJ-0dAtj7zF0vTX1YruJof4RgD5glMQJ82cBa59L2-Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHCB_4WJOmncR-WuBF9Qao&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D60C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFmqH-6xtAHO_SjoBDQNdRg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFmqH-6xtAHO_SjoBDQNdRg%26google_cver%3D1

43 B
1 KB

63ms
62ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFmqH-6xtAHO_SjoBDQNdRg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLjm3OMBMAE&v=APEucNVKki-sejuDbZ9jMulpFvouRjttjoGZVEDeGYPWb032Us45m1sXPBtbgpTHmNMn32ViZiDmnJ-0dAtj7zF0vTX1YruJof4RgD5glMQJ82cBa59L2-Y

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:32 GMT
AN-X-Request-Uuid: 7d5adabb-42d8-4e68-935f-e98a96211494
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 176.67.86.47; 176.67.86.47; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:32 GMT
AN-X-Request-Uuid: b1e60c19-0fa6-45d2-9b98-e80b15b88d12
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFmqH-6xtAHO_SjoBDQNdRg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 176.67.86.47; 176.67.86.47; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D60C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNTU4ODE5MzgzMTMzOTYwNQ%3D%3D

170 B
188 B

54ms
53ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNTU4ODE5MzgzMTMzOTYwNQ%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 15:32:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 176.67.86.47; 176.67.86.47; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c34f346a-745f-4f80-82f5-44101b96d64c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNTU4ODE5MzgzMTMzOTYwNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqvacnZy9CvmLFTX-AS21s&google_cver=1&gdpr=0

43 B
180 B

56ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqvacnZy9CvmLFTX-AS21s&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWkQEhcglnHn3s3_MV-8aSkur7NwMzAKdSsDlH-Ft19fcEuaEMR2gKbkkk-MxPVfOtUghsSzKHc_KSTvTPAxfwCcMXikkbwMZwG9Mdf6HGmZ-VoXEs
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqvacnZy9CvmLFTX-AS21s&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A798
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzVhY2FjODctYjJhYy0yZWI2LWM5YWMtNWQwMzMyMjNiMjlj

170 B
188 B

61ms
60ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzVhY2FjODctYjJhYy0yZWI2LWM5YWMtNWQwMzMyMjNiMjlj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWkQEhcglnHn3s3_MV-8aSkur7NwMzAKdSsDlH-Ft19fcEuaEMR2gKbkkk-MxPVfOtUghsSzKHc_KSTvTPAxfwCcMXikkbwMZwG9Mdf6HGmZ-VoXEs

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzVhY2FjODctYjJhYy0yZWI2LWM5YWMtNWQwMzMyMjNiMjlj
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame A798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
https://sync.teads.tv/um?eid=3&uid=CAESEB6LonSXWySFLSLrWeSCHyc&google_cver=1&gdpr=0

23 B
172 B

155ms
83ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEB6LonSXWySFLSLrWeSCHyc&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWkQEhcglnHn3s3_MV-8aSkur7NwMzAKdSsDlH-Ft19fcEuaEMR2gKbkkk-MxPVfOtUghsSzKHc_KSTvTPAxfwCcMXikkbwMZwG9Mdf6HGmZ-VoXEs
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 17 Mar 2023 15:32:32 GMT
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEB6LonSXWySFLSLrWeSCHyc&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A798 23 B
172 B 246ms
85ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWkQEhcglnHn3s3_MV-8aSkur7NwMzAKdSsDlH-Ft19fcEuaEMR2gKbkkk-MxPVfOtUghsSzKHc_KSTvTPAxfwCcMXikkbwMZwG9Mdf6HGmZ-VoXEs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 17 Mar 2023 15:32:32 GMT
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

sync
partners.tremorhub.com/ Frame 1001
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
https://partners.tremorhub.com/sync?UIGL=CAESELcBc_bWt2mwlbTC08ct3Ig&google_cver=1&gdpr=0

43 B
183 B

547ms
143ms

Image
image/gif

3.210.74.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESELcBc_bWt2mwlbTC08ct3Ig&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWQcPU-u05K52oXQbVld25bSaKKjJT7Y_3mL5kq8Cs8iFlIR5Mv-kaQb0vQxfA_n6fcN_z2u1--sbrS_-q4tnKPgAlMUllFzxBtOvQB1J8LSQcVDCk
Protocol: H2
Server: 3.210.74.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-74-157.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 17 Mar 2023 15:32:33 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESELcBc_bWt2mwlbTC08ct3Ig&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1001
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMpflAc3-kRP0lpbCDnR-is&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMpflAc3-kRP0lpbCDnR-is&google_cver=1&__user_check__=1&sync_id=ef7e9c34-c4d8-11ed-b7ef-1f0541440106

43 B
548 B

53ms
52ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMpflAc3-kRP0lpbCDnR-is&google_cver=1&__user_check__=1&sync_id=ef7e9c34-c4d8-11ed-b7ef-1f0541440106
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWQcPU-u05K52oXQbVld25bSaKKjJT7Y_3mL5kq8Cs8iFlIR5Mv-kaQb0vQxfA_n6fcN_z2u1--sbrS_-q4tnKPgAlMUllFzxBtOvQB1J8LSQcVDCk
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:32:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 72
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 17 Mar 2023 15:32:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&gdpr=0&uid=CAESEMpflAc3-kRP0lpbCDnR-is&google_cver=1&__user_check__=1&sync_id=ef7e9c34-c4d8-11ed-b7ef-1f0541440106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 121
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1001
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWY3ZWE1MGUtYzRkOC0xMWVkLTlmOWItMTliZmQzOTIwNDA2

170 B
188 B

63ms
62ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWY3ZWE1MGUtYzRkOC0xMWVkLTlmOWItMTliZmQzOTIwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGL7j3OMBMAE&v=APEucNWQcPU-u05K52oXQbVld25bSaKKjJT7Y_3mL5kq8Cs8iFlIR5Mv-kaQb0vQxfA_n6fcN_z2u1--sbrS_-q4tnKPgAlMUllFzxBtOvQB1J8LSQcVDCk

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 15:32:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWY3ZWE1MGUtYzRkOC0xMWVkLTlmOWItMTliZmQzOTIwNDA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 93
Connection: keep-alive
Content-Length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 285C 0
20 B 78ms
77ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=214450416005&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 285C 0
20 B 80ms
80ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=214450416005&version=m202301230201&ct=77&x=1&cor=9419217065652593000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 285C 28 KB
17 KB 95ms
94ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRyWiDHRSWQwj4HpzCxHtqTbp0klOWV2Khgzkux_mrB_zcqhEThdjU2-pRIfg952L8ANsK30kPgcsI3ibG5Eqh3MByhWLhGy9uZX613kDt3clOz6xZZ9P-0j2MhBPr0c2nedOrHt0Gadg-FTlkGzksJ-NgpCAWN5B2HWbJ6gMtlBxxMLI&cry=1&dbm_d=AKAmf-BjXUT2Vh1qdAz8KOmPtTiaNEP6spftF_uoKaacyDvfnc3EDg6_0WCqq7GsQN7vcTjkn2hXSvM37u4ijNUDA1lJXxwMmTghVb1ZcvQEwbQJYIbH9f7AsDfo1tdUwkpV9ftkAi2nGmzk1v-XulGARNEz6cIpjpG4_N7zzkKMZ_3WVWwsauCU2ECwwNxOMB1ZlaZyKuQ8-5FPAE_ULSMY9fPfTqNZQs06-Drlj16AzHk7NbZOQyCvaG-3D6AVoj0L_PrNYdbhi4uAdBJVHWtmxYhJNLidVYhqSsk9s9hNx-Di5aU3cwpA6_js5V54O15G-E0b6_nUgSPdzC3Q0Nn39zgZsvshCNcZz6M69B1ZV82M3PcBhw1--tO57WUUDFUe1SciU750lYxMXDZzrEW-B2XJxrW1l3567aPtqqpmdmUjOBg5n5uZO2fQKBKeiWB5z5QlDzAhiX2wUTZyWvRqwicGfZXgK9apRoafCImGGxCAKrz95EWBEYxtYyUDQPpTWoqUTjm8oL_0nvnC5XgxpbpnR58f3Hu1j_iuWmZCbVvyOSlJJJFzf-QlO3XJNkhylbnHE99aJ-VZAExH7RoiS3GgUr239U8NY_jZBsPLeebWoL03R-eali5l27fFdRd21Uq539CfsmAG7__FfYgjxhHiw5U7cq_RctY11Zjyo-6jgVLS2k2n4K7Q0FqcVHtaG1ncaGCeSmNpewH5U_QSMd1c4nZKkdPZEdwCTiZjOOIb1kXWFuXKxbMAPctg1CHpWWuKfehcVGQY4EOlOvxCwOSPNEqVycLGza9G9g0llBF5194k0nhhF4MwIAA2DbsCiMpZXN55dTfsYe21z9e09yTh-BvAUNRJop9yKNHeNLOG3SGtz9LHTv4cLLrQF8GwJJWW6zHuOiNHRVzudWzEyfEfZ3O9P8D3s09rHVVKOwnLadFaV20DpNdmff9Q1uG9RPe_VVK1uerSdNPzkhu2jvq_-RqTbnFhVuRYzJZgGJvhJxqghfYFE9s9_vN5tdJZHy57uLRmFC-gWhzGrH5wURkcGsrGnlgbHH-xlWWFla4J6mEDufIMb723Eq4w7ORu9J__jxPGnmik2c_NpetRBOPbJGkPV2To0k1-ftDYQSBAxkFV2etDFFLJiRpUQIOsc-v7va4Zqx1N6dAV3RHhlOOr6MChdALqcCprlJnr0xs_AuGT1T-NAc2GoeQrFxvwrdERdup2dPT4hOWrQarOOJ7INqFvlUropXVCwDtr-lWwwNkZsZ7haW9YD_1-leIjDvHIMHnkaccLZ5BfL8L_vrr8fyVG_jOElwY_HgrSk1dgal4f-UPa1jMxxK1VOTpe-Y1ROZkhCG1LSqZCu-AUNp2Rh6M2UHZC0CFv__XZawmQIwhHkdrSbu6SDAjJvkxPzJ6fUJmSlNXHQI1fM4hWG2ZqCIGoncdYmnBzJk4T7B-u90EVwLJ65B_6ZWsQLLcMeywdpoI-aHJQYwwCNS5oqn1pTg7pEdiB0c1YmYDXFfn7Y0sbC7b2rWPUAt4bSnk-emAG9wLNr2vRBQkmytfR1o_n6YD2lONsC103DdxhchQ2T2yFQGFjaa12ODgC1d9I5C3OoVgUwlD-FP9DPWu-6Tv79hsReomvvvqpRwmCtAgTakbDDQEIQKNGI1mRWyL1FpDECQgGydMg43PiuutOjVETDuIFWVAbKvnlb92qbGOMkJ9RWc3U5z08_xIxyWUctxuizt49VCut8t3uVXF13L3yQab_97-4MDmJ9hk6NAqXcWFIym5K4CG3W8mAlZFpKQILd536jglVzdtJbCHLJGdWn5BR14u5FYBpe0gav3jAOl-h9NlCHSxaUhz5cKlLYNTIV3ekepkJz0YDMyBQSDoenvLjvA4MtAMuF8blt1_s0A1Xr6Eb98bsmbVAcRXHSJrt-y749nqGA3faFsSd1Xt1gKIQX6eizVAA2xEP8Ev6R-GfwVvzcDmvAvJEnTAakdkKDm3CXZovYO7sGsVcY2XCq_jHr5q_rb0CREzlZ1KAPB86BCNcr7rdafK563_zPoPO1E3WsWckdgBtylevVmtXTsdDhox79bUC6n-SZ7XxRWe1nPO54K_BJaB9L0dLdL4SY__cMW7rweaesopSIQUfYJiglOaq67Vp2vGR3f1KvUp1flwrtuzeYJfIJbSAUrfnv_VDd6CgH7gx8nXtIejKpZtHxoDfR7xRzSKBV9oYaIMnWWswkLxabED6YgHhzFYikKzwe5B2L1Xv8eSAdZoLz6_S66OJj0oJR9eWkZE-qOKJNcUbqFi4h5fHIFRgwqUAeqmnXuhiCZhxeXzZZDwHWiPSczy6xdiLXoVQiCrbQ0StcAuarWwTv5udmtUxTlpqj3JUaJkGCg6hDQO-dsdOdd3ACTTTCzZbX4jq2os0AkRGwStU9Sq8FO2A-cRoQnW7f1Ve-sdaKx99AmSqnOGurOTgcv8thBfdApjQvtfTiqOIYl2qNxo73f8TIGvtjOAS3DtW5mBP2mQS22o59BTQexeH73REcSOsiCirLrIcJd4u7zBpViMGxRMjvEfUGbXBfdvUkGvk-KQxIyeiRzryEnai7GDwbLvPEji9PGb9O8i16K3S0OUEwOtjHhBE_QpSM0kraBRnwMMGKv0qa2G-1mnd-dk8JZNDMcsKjQxCPdp-81DsH34m5z-B4BrUWJ8O902nVWlTr_AiIqx8ktLirWKcKfiND_MzMZJmVVEDGk418WnJaxgV-aM_vB7_kTqo_xTJD_TB8r9LJu6gssPcil_DLBiEyoIuBEalARrDEzDVIDsv3eTRkvA0-1W0PunbMD0qCCGJZ4NWu413QzQf5EG0xTU971FQVdWxQR62zUNq8ndpiuzYMEDKLkVJ2AUfensbEDeb0-9Lh2-63kcsZSG7FjSSjTq3rfv-1J8EHnQfIW5pgZ5J-nTpiE6IQsqDVZHTEf4GJKjBGBVEdNuu0GQicT0GzORXUVPj0wFscqsiuv0Tv2Cw1SBKRl2r1lPrkEe_9Ka1BdACZoMRrbtfL2iCEOvFrbKNE_Z33Bd6ZuzW3E6tMFEMAonfSGgwDLn6gkygPoDazqH1zLg67WzJ4YaH8onbCk_4taWYgjGvLuGRm1zVGjLmNBcNWXECGwbSALccK3KYmvtCRKrKYWVTkej7q8rGYN2_hQngz2mR3S4vf1dwAW8XkqSsELvjM322QqTnVzO85HFLXtD5eKwsSLqMnGyBfKKQRSeYw1QqIWPwtx4T0L3oas-wxyTSQ2eLhPUliw8ql8C8O2pmPWoLBnRQOZUAgxNB6vHvS91m0km0N2E&cid=CAQSKQDUE5ymXfA4JiwvWngqv_RQC0tMDCC-hjAlXzFGhWSd-SfY1tNKxHmBGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.rinehartfarm.com&ds=l&xdt=1&iif=1&cor=9419217065652593000&adk=2191498966&idt=116&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c11192f57c358070871144f88e07df44fb0df9f26d047a3e12d46b2a41308954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16922
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5AE 0
20 B 78ms
78ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=738080863156&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5AE 0
20 B 78ms
77ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=738080863156&version=m202301230201&ct=77&x=1&cor=13098166238546233000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D5AE 28 KB
16 KB 89ms
88ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0YBYfdkK4A4cAfQSLJ6FKPuvnTBqz4NkAftgmD-IRW57VlugToYSLbxJB5qgzrBQV4Xhz8fynsqd3uF-xXY5xIKBZD4DjyEP7WBRwo3ZDMs6gDo4_1sN6aHmOxHB43FSpGbPGxBRGYwpe6PPpj8S82JILmLBEPEsZfTEn4SiTlb0bMxM&cry=1&dbm_d=AKAmf-DxiWvIXUrspbKQIbg--Jev13vE9_oUwmUaYd6AK1YCVs2fht9OT3C_9nMrF_22SoHbofIIXjgJw80wzOsfvChpgKj7cVdZUPC5YR9mvYji7LKMGG615yvmaiOcvDf7tgwOhBZxaJzGg8pj7uywuHuCIYyaqXs84DPaqO0TaI24ill4Yu9STZbYdo3h6BQ30S7853CAh07DxykLjH0aR2aFqAZqfL-zfA-OnGOd-MN0CTxrENgD80xuzFTWqk4f0C5RuaGE6YWc4VY8fOpAozmciCubGAhA9ESvpZT2JV8rkwjW25IMLd0anuEgb8PNIf4hWwT9pgFNB6lfwEePP1hFQm1dv-p3W35YIUMA9-FhS-6crtN-_c2cqEptihuqRsOEh6wODk930tHCawQG1b6NQNDbC8mD4z9rdNO5eA5xmbsOdHoQ1H3r2JYM3UPf7HrQXavszm9CVg1GsfffELYvXWM18Pp73DByjzkCfYAaeexeMCqZysWufmd99dBtlylabiQnmjH-O23i3GKdkW6LXxHfbqiDjuNte_c8wLXN-ZIDzXenb2fNz7I71zxV5D4HeoDeOGGq-W7WhPvXhDYxbOdkHYXC1UCFOQ5NXjQ5W-zQIjZXH0T5bUTtvTj1z2CIFftrHolGTzdN_0e6DVF6RnF2JtsI1TTlM_-C3WbliASwAV3kyD-n2F3M4MmS2iwDV2XP3LF5IoGq-DsDgbSspCAnLZW98ojjdiF3un0pi3Q8huu-jBMEg4I8MVtWVKfOH7jSmB2J8NJZrbJKOvT6JWDRlVc-JrA-OweMHexnh5xPdzwZ-PfAedKnP4T6Mku6prT9DRIjcegtVV7oA2-ZfNq3B0-74VmlAy0mX50xtF6cIAs-UtR6k8225NqnHX3ZHg0a7yINSwPfhWDGo_eewyG8ZBnh-UKkUyRel-1kewKwdt794G9p2hzryotIpf3eqgSN_otybcknuPDprRPaVgFKdTXgEJrtP-l-g7MwKNeS2pROHioOQo3im-YMMpQcomMsDBZZd0GO1NX_HboocOVOcc28c2aaXfcywdhW4rCzKOXazAJ2V8TQlnYg7XnCS719i6pJ0Ox8SFC83nkzRfzSpRPdD-8Upf17UvHe838OvvnvAeTaWvqeUNWPgqpvmJJ0bumhasssjl7gNN0e5T9eE4-q7PkkLkma4LqbCY7fw438456JwCBTm_YyKv8a56QLIGggyo47LCox2BXB6Pkb1GSW76q1WR7FAUrbsgTP5QxLwrzbn7YlvPHdKDg34KG8R36s8Kat7ArbP-4kPREwE6k5z9JkzTTQhVHOVi1VB6_o8QRByCHLzVi2J-6vM8saMtdD6erKUuqHtNohb4uMCa127KhT8_rAyU_iSgcKYwXvR-0Tpx4UXLBKL5yUg218URWbwi0Kvx0KEgqAPi1clTG_6p6cmkkmeXle0gKOGi6nTrQdcGT5BVSlTzN0Tza1gkZ1GzhAV-SRkNiXj7u6lhVdcTpHdhRnaMyDM4a1k6vGur-pSUWAaIXG5QsJojCLDHnabJdX6dU41aKQ9Ox5QqhgixCiWEMbexvv6DbXrv9r_UB6ZO7MQRPU562aFio31ToQce7C_Qqzyr7iII_htR8M72yMAaBH-7UNEZZmHmMdp68yONjYe9OG3kv1biTklERmBh05NOfGe2kaAlynbTfp2rqQhgpP3_D0gkt38USpO6ACJZlNSbhl2Kt-cjoCjQSyijAInwRRbITEFnnMt9sWKAKwidlSvnw4R2VpXZJiIrtS1PFIl9-MayO-sQKtAO8HaGp-g5ak_S7iZJgc3OdizU-o7xQZQKdgq8UzGGT0xxAlxcAmuWTbeng-WYLVkP61irz3sWrZo3V3-ryiKx3SAF-V1avR-F7__nGtFxtlOKGdSP4_y2iLuoCg60GEvXUEGYzYZyWrfB_uf1WruhcbpfKVeNstWzQLGN9QgBFzCCAK8D7a4PPjKserfNSPjsDpadNHvipj0adT99LTGXNB_pUkFwk5iYpTV5FyAlCziwIbktXmXggZPzNvT5RnBZGD64TB8VNvkJbpGwFUlWKi-GK-dtvBaXV7Vbs_28FXCJ2MkE_jaRMqKWwmgLAtHI6ArIvivNkquAjhPLEB0Dj4QnTe1EYDgEi3jpMK_rrfksbPqjVOU3egaB9Xl1mDED9zT2ohGVjzu6sWZbLc4nK7-15iVLDGNmaRVmeUoeNHkt8ncvfBSbdDI9mgK_nusBDC2AG3XemT2QydEimpS7bZcJQ-auHwmXt5bo2uvUACQsr4mEh-42p89SHJU9enSSS8hGKEgNxdNxKorKA6FmSlnHW_AHUBzpsR6Xo1CVQrX65fomDwPCJixozvwFjZi6BjE1Fg-mIYe10M_rYQqzoxUHe6lRbWwgtcJPiEimuVLxgwDosq0LXXkAcBrJT3SkyYQoeXSiqJWbIqpMVNonNEnBdpPTxzFkqrwxVeeDs_XsgAgwCoVBHIbNMkBj4Tit4ExZl6IXOSNbJFTWM1OqD5801acRuzE4vGqK7h5e6T-J0PLh7lfM9gUUEnhrDjMgl_4YRRZyQXhF62dF3sRyvt5IJURwl8jZUm_cFDpIdFbJfXCMItf7lWsiA4dPqjR3PvJYKEeUMRIsL_SM_4qKXjHtit560hK6XZaPMcoOw2LR3aUxWjVXyP1_s1TD5Jz3cmdLH-KI7xQfgeB5LEZB2RumzNTbDmVvCrVwukkqleDF7HTEcCkX1kSeQnl1AkLK-YktGoJ-XZ-hNCfmz9x15ccbiLAHnWurRjIQEkc69dopCI_2QQkyOc7Z9kz7YTClxTRdiW1ZyzeViDPUbo59G3eUJgTIWDG8IaHItN461j6vC_wDEYpvNl8SYKGL4o91djC8MXOU02yT4KtKbr66xyFL0Qsp-tf41fOTwz-DvNHW_0DH7T5gTVt-yjkBEHEbQWTKbaFTlIOhkpT9Imf06bUvHD_l8IRWr6fgT6MpJldMrkekGI3DywFwPySR95hRvleEgFk0fKZ3-DSYGQz0oEugk8muO073P0lWoenyjIvPRiuH-6IIKeA3J0wY9DixZ3Ls5ua0r0Kat6hbeI860E5jeM6P8fMbutRAKpRHXS-jA6bAEdsoooET-pDWxlLf5rdqEbILVWYlRso7cyQPLqBq_YMWRry_qNg5y8tIFtuNc_UkZkZc0BGRBbaAPNDF-yAdlXcL2-2ITpYkBwTasw2zlTQyqXOBIDiNfGhO2es0Ipr80NGziZZDG4ORdIO9gKWLjfSv1brtTmbW5PkkEMUQiTCOWTTl6uiwzDwPRLoSSj-Qk199VOamqnzK9m9pVXvPQCkAwiViGTRAAEeZAMyaGZthPMcDFbfyiCpyAQu9ItLdE3UL8npAnozYT_DeoLf8SSICzXnlhBB5TRxw&cid=CAQSKQDUE5ymAmTmNiccnEDp2aYSTcT3FXffOJUJIzAgfWJUB9Umyd8oFXuOGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.rinehartfarm.com&ds=l&xdt=1&iif=1&cor=13098166238546233000&adk=3336693039&idt=198&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

37eb6b336a6d92f1078d555e5c131af4526307dfc4d9fdf8df94b3a0882d2d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16809
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 211A 0
20 B 80ms
78ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9075981397925&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 211A 0
20 B 81ms
81ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9075981397925&version=m202301230201&ct=77&x=1&cor=14495044957231167000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 211A 28 KB
17 KB 80ms
78ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ap8RfGqOwHSB039_VyAPdhJ_YmcWAgxjdauEjzBRKcs9kSyo_YMODt_ciMyZv9tgkyNEBi7ic-EvsnuhLk3bszUVMT05TooLJDXfQL3FwNy3hFAH4d1FZe_QzUj-srZmfT-apwxzzkaXpJgueaxMBQMUh2H14v64LRt5tock1PDiJ9HOA&cry=1&dbm_d=AKAmf-Ah1SJ3nqnuDGqKOHp92fOoDu0_sv4tk40bYbsQRv7fNJPGzx9dPJQsh2tKPX3FCOfYuqaiHVtJSy1AY-OdEHWf_WssrlWHVfW2_lpYwvGvg-tepJI7HQVUU-scQ1-Zx-PHwmo2qgPcWm_oCwHjFZ011cXsTvtyHMWQfF5dhu2CfNwm1zgxzAqJ0cHFBy6F7oMu7fJZpqFQm2vDMlzJEl925IjHl2lVtVBbOqSpt9JJ3boc32nUdeXyyl7_tnYdYXz5zW3kT_M6FVE8dng0x5uyowaOjWgQlnhUSdIXN--kP2i9nkhQvZzkOz9JAu5z5cAzurVWThU4fuW16ejbmXwL3enyxDeO3ZKqLdqmcH3G1vbTt-yMrTO61JbBMLxzSbpmNqaMutXHzQwFLviJgmsfnTOcspnrhVRd7n4VGklJoDlPRY4CUfMbM7viylSoz2PGiN7w8RGQpXYcaTGN6Ob5JXq4dROA34_jVGz_aOjp63F160pLYVm5jmKg-7wwUpkCDx_OPQLdkN5JWf2qxkVTRr2Nwfyypc1CqH7HdBazPD0MpwLPENL1W5WUAzcVm7OK9SsR6IXHD_MVZMWZNL8X_ipefxrmt6yyE4jjN0uOg2wqQJ66_dSTgIqD47j3-zw5rRATktYAVs4VPCODuXN4_a2TFWHt8VBXokYo-JstSlXDPYwfw4EDY1NOQEgWda5ULc293WeCfoAxGtl6rCwnn7Y1qhzugLkc5BvoTvmhd5cAWi5Ci2Z2npy5XDNaOYWdMK1DIJHm_tvRZSz08gBAnALFwyq3GkvgqCf4M0Qx6I2PPKs8dWrIPC3SR6RdzbWwhlWhh52hWZFg6g6MY57BAxd_NaIm_oPy3xwhygpmHTxXsJ7BlvYe1zqH0ZNJCSgUBAE9j_meS6SK0dSr4gX5f3NKzrW8KPQZ5aTm6lhNmd1a_AqO6DeWqDGFfDLIxrmOcBw1LeG-mRcEqjEI4Xn_CyPX3n_jsOxpg_MzwhtduCPEExYLfVIW2rTOCsy2rdhukT6GfGycUIhC8B-hfaD9oN2H77wnoVQaUO3iwi02u_ER6dpsNL0zkt2GOga9FUCUxCu_6hsDUYfxlqNBJLV9DokSOgcl1JcYB1fEfCbSkYoxGpJhjh--cITM4FGJz4el-hdvvIlAP8JY4jKjlKZ6kiUAWmdM_Xw_GCvOfRdDqlYusAVSqByGfLyehDV_3cFbGEDJcNF7Un7IlPEnKGV1LA8WZ422CJD2KjnM8wvl9V5Ll6mMTmpuYNu3KKfSQ_UFUVim7YxOvCkSTihcdrewevIBKrhv8Ia302O8_pcbA4Nn06ERlvOmBVSfuA1FVrdxBfHN23Om9Yq2KecOpCiUKhjSz2arC1nodWYkCfIrkGXOZGCccJUQy9k3L-O2Pwvq_UAeoNER71wLKj6T3-4lfNlmnPtRmPkf7nbq1sAE8CYXxh1nPQcj4ZQn5Pwazheixht2GVxAQ-o-0X-hCskwe6XToAnYDLgV3slc6jsMoNkz-PF06yN9lUa__AswWHS3BrrdVNovAsSM60iovtcvhT7m_grwSVhTuXEwRUFc_t4MViJi-ZTNRHDQk-78tpuIbfuphZKNc-MOktGeeyClZkIbnY2ywC8Reqnz1yIOhZyhjq3HNCbffIqVGAXZWI0Sh7PtzG2fl9GvYtwZSjr2LUNFb4k8KV00jjgjYY3j0saTxM63h4bTSbEEpP5-g-r_oZBbvst94PVrh4K3If2K_kz7f-d2xcZb0I7r1-KNHKgyceDBj_Y7rR4Tw_4opQtXYbHGaK4P-KobbS5-eV_oxzy3vCgUJJAOCY9NAfiPrk25pYe6flPEKIhLm26GGFOOYeZd6F6qeS5-azEWZFZ185xkelQ_T0z7BU_wDaHSQ5FDpjAEzsG8VHysNFNzFDt3yq24Mb8-qJIFmmGPgBbgWJ9Ti_fje2Z8FMy-Cam22awX5Aje6AGmojXfpbQcTt8KkMz6uLNerR0UXHGcUUC410A5Ndyh9QLdvoX9zDb53kSHMToM1E9LulaWx6ytFW_uB-MSOZ2PwhlQ_4gYqsdaEY79XcEwsMQP4jtK-X9E68dt5wHQpZEKJto5FEogMuE3RIHUcRB1Ine6iWixHA8FuFJiO1Pza6Ta2ZwKqnF05djq3TFLrME6pj8c3qwI9rDm8AKedi9YgSs1bxwLrS-rKu1DjWOodhs8rdgw9gTdXFvY-zfZRw2zfRAjCgnTrNhAgm5DRelSpmJ_2OhZi8xAzqwmZLSG-xqcXT9-AQy9qebEbG8O9bi94bK4ExJNfiVUHv_moJsWm1X551119KHenXE2vKc8pgwsXJ3X37-1bsPSgQ6J-gkyPwIq6_AG501Lk1gPXNCtdeaDjVfyoTc3aHb7aX1v4W4A-dRpqmOG5yI1SqyrlO0yz7zzqYpyDVGJuJs-OFTmUpBo84lrl_qVbh-GFTyRsaFCamIkeWnz81LsA2tQVeZO8tcUvtw7bkVCOf4XuN0xHFarqWfHJRs-fhivhQ_v0rW58E-GhD06IytlmElN3RaDx5xVG-2qI9lN7leVTw_qMXdLYY7NvEgnjIayVTzc0BvcGlMphWVg1KujoZuuqxTYE2rzqjXYn6DMTfdra8OXMNiBR8hdS7GN12i0dZ6vhZLJVHQTZgA30MtCX3CBOJ2_DEsCbqoqyC0tuwGb_np6aVNbSVYmf2DyZN1FgcCvgBbhY6N9Urx3f7qT96snnoFRo9Mt3Q3wv60MvZO4BjnASFr3ZFU96iWR6xk1eXHEZAYkfTSuu5g_22rak-NcfFtaPBIztiprSUCAY0E2o5gsiAM8fAKPQUGMoDg94cEyRgXEkyPC9Mli6NrV9x0nEezPo1br0zh8tJJ7d4G03EaK17_llUddb2wcj9Q-cLEj_oh7V-pjrDzNq77aur8ILQh371SYer7e7T24T5_gDshSDDOeCy1zY549VkQuRc720J_a3Vl_2puM-B83BOOev9uu4sT183kLU-msHrcrSMzOuTtCpr5vZvPyZolzm5AuiwcTiVX1-oTnUIjGRCXyRZdBzVVi9OV4nS4BFeyNEyiYslyB45PYBR8umHAJ87-0JSTdXhqMFgGM05XFACZBHRsiuQelUGy9-bQXzur5G89vvCQ_XbyC7eLFxYFH3WcbTkhrFvE7_4oEbN8ugWXhCLchHt1SElrzz9akQ-txt6BP0CDtkJZpud5OtBPw_Rkv-UTZPhYUySI20zIxi5rX7egD3V1qm3EHe_15zAXMH3oYEeOfz-Z9BOC6vPHnCWkCtal6zgwSN3zxJuX4y6RwwltKa25X_SeHHDnCdUPXHAyrpG7pEN3T-iPwk_vkfqtIiBse9nJu-1IvQJEadD-9PVmVsBMeJDAqURYV0GLHKtsj-abQZSkEYjR64LSAPw&cid=CAQSKQDUE5ymHuoO-SplsPF8NscA88tN2xbFj0q7mSveDS-LxhTHz6feYz7ZGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.rinehartfarm.com&ds=l&xdt=1&iif=1&cor=14495044957231167000&adk=608880704&idt=197&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3c56a32b9ea8908bf4bf80cbd3f4739ffa8de66248c9d200407d0280d1a889a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 285C 28 KB
11 KB 47ms
46ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRyWiDHRSWQwj4HpzCxHtqTbp0klOWV2Khgzkux_mrB_zcqhEThdjU2-pRIfg952L8ANsK30kPgcsI3ibG5Eqh3MByhWLhGy9uZX613kDt3clOz6xZZ9P-0j2MhBPr0c2nedOrHt0Gadg-FTlkGzksJ-NgpCAWN5B2HWbJ6gMtlBxxMLI&cry=1&dbm_d=AKAmf-BjXUT2Vh1qdAz8KOmPtTiaNEP6spftF_uoKaacyDvfnc3EDg6_0WCqq7GsQN7vcTjkn2hXSvM37u4ijNUDA1lJXxwMmTghVb1ZcvQEwbQJYIbH9f7AsDfo1tdUwkpV9ftkAi2nGmzk1v-XulGARNEz6cIpjpG4_N7zzkKMZ_3WVWwsauCU2ECwwNxOMB1ZlaZyKuQ8-5FPAE_ULSMY9fPfTqNZQs06-Drlj16AzHk7NbZOQyCvaG-3D6AVoj0L_PrNYdbhi4uAdBJVHWtmxYhJNLidVYhqSsk9s9hNx-Di5aU3cwpA6_js5V54O15G-E0b6_nUgSPdzC3Q0Nn39zgZsvshCNcZz6M69B1ZV82M3PcBhw1--tO57WUUDFUe1SciU750lYxMXDZzrEW-B2XJxrW1l3567aPtqqpmdmUjOBg5n5uZO2fQKBKeiWB5z5QlDzAhiX2wUTZyWvRqwicGfZXgK9apRoafCImGGxCAKrz95EWBEYxtYyUDQPpTWoqUTjm8oL_0nvnC5XgxpbpnR58f3Hu1j_iuWmZCbVvyOSlJJJFzf-QlO3XJNkhylbnHE99aJ-VZAExH7RoiS3GgUr239U8NY_jZBsPLeebWoL03R-eali5l27fFdRd21Uq539CfsmAG7__FfYgjxhHiw5U7cq_RctY11Zjyo-6jgVLS2k2n4K7Q0FqcVHtaG1ncaGCeSmNpewH5U_QSMd1c4nZKkdPZEdwCTiZjOOIb1kXWFuXKxbMAPctg1CHpWWuKfehcVGQY4EOlOvxCwOSPNEqVycLGza9G9g0llBF5194k0nhhF4MwIAA2DbsCiMpZXN55dTfsYe21z9e09yTh-BvAUNRJop9yKNHeNLOG3SGtz9LHTv4cLLrQF8GwJJWW6zHuOiNHRVzudWzEyfEfZ3O9P8D3s09rHVVKOwnLadFaV20DpNdmff9Q1uG9RPe_VVK1uerSdNPzkhu2jvq_-RqTbnFhVuRYzJZgGJvhJxqghfYFE9s9_vN5tdJZHy57uLRmFC-gWhzGrH5wURkcGsrGnlgbHH-xlWWFla4J6mEDufIMb723Eq4w7ORu9J__jxPGnmik2c_NpetRBOPbJGkPV2To0k1-ftDYQSBAxkFV2etDFFLJiRpUQIOsc-v7va4Zqx1N6dAV3RHhlOOr6MChdALqcCprlJnr0xs_AuGT1T-NAc2GoeQrFxvwrdERdup2dPT4hOWrQarOOJ7INqFvlUropXVCwDtr-lWwwNkZsZ7haW9YD_1-leIjDvHIMHnkaccLZ5BfL8L_vrr8fyVG_jOElwY_HgrSk1dgal4f-UPa1jMxxK1VOTpe-Y1ROZkhCG1LSqZCu-AUNp2Rh6M2UHZC0CFv__XZawmQIwhHkdrSbu6SDAjJvkxPzJ6fUJmSlNXHQI1fM4hWG2ZqCIGoncdYmnBzJk4T7B-u90EVwLJ65B_6ZWsQLLcMeywdpoI-aHJQYwwCNS5oqn1pTg7pEdiB0c1YmYDXFfn7Y0sbC7b2rWPUAt4bSnk-emAG9wLNr2vRBQkmytfR1o_n6YD2lONsC103DdxhchQ2T2yFQGFjaa12ODgC1d9I5C3OoVgUwlD-FP9DPWu-6Tv79hsReomvvvqpRwmCtAgTakbDDQEIQKNGI1mRWyL1FpDECQgGydMg43PiuutOjVETDuIFWVAbKvnlb92qbGOMkJ9RWc3U5z08_xIxyWUctxuizt49VCut8t3uVXF13L3yQab_97-4MDmJ9hk6NAqXcWFIym5K4CG3W8mAlZFpKQILd536jglVzdtJbCHLJGdWn5BR14u5FYBpe0gav3jAOl-h9NlCHSxaUhz5cKlLYNTIV3ekepkJz0YDMyBQSDoenvLjvA4MtAMuF8blt1_s0A1Xr6Eb98bsmbVAcRXHSJrt-y749nqGA3faFsSd1Xt1gKIQX6eizVAA2xEP8Ev6R-GfwVvzcDmvAvJEnTAakdkKDm3CXZovYO7sGsVcY2XCq_jHr5q_rb0CREzlZ1KAPB86BCNcr7rdafK563_zPoPO1E3WsWckdgBtylevVmtXTsdDhox79bUC6n-SZ7XxRWe1nPO54K_BJaB9L0dLdL4SY__cMW7rweaesopSIQUfYJiglOaq67Vp2vGR3f1KvUp1flwrtuzeYJfIJbSAUrfnv_VDd6CgH7gx8nXtIejKpZtHxoDfR7xRzSKBV9oYaIMnWWswkLxabED6YgHhzFYikKzwe5B2L1Xv8eSAdZoLz6_S66OJj0oJR9eWkZE-qOKJNcUbqFi4h5fHIFRgwqUAeqmnXuhiCZhxeXzZZDwHWiPSczy6xdiLXoVQiCrbQ0StcAuarWwTv5udmtUxTlpqj3JUaJkGCg6hDQO-dsdOdd3ACTTTCzZbX4jq2os0AkRGwStU9Sq8FO2A-cRoQnW7f1Ve-sdaKx99AmSqnOGurOTgcv8thBfdApjQvtfTiqOIYl2qNxo73f8TIGvtjOAS3DtW5mBP2mQS22o59BTQexeH73REcSOsiCirLrIcJd4u7zBpViMGxRMjvEfUGbXBfdvUkGvk-KQxIyeiRzryEnai7GDwbLvPEji9PGb9O8i16K3S0OUEwOtjHhBE_QpSM0kraBRnwMMGKv0qa2G-1mnd-dk8JZNDMcsKjQxCPdp-81DsH34m5z-B4BrUWJ8O902nVWlTr_AiIqx8ktLirWKcKfiND_MzMZJmVVEDGk418WnJaxgV-aM_vB7_kTqo_xTJD_TB8r9LJu6gssPcil_DLBiEyoIuBEalARrDEzDVIDsv3eTRkvA0-1W0PunbMD0qCCGJZ4NWu413QzQf5EG0xTU971FQVdWxQR62zUNq8ndpiuzYMEDKLkVJ2AUfensbEDeb0-9Lh2-63kcsZSG7FjSSjTq3rfv-1J8EHnQfIW5pgZ5J-nTpiE6IQsqDVZHTEf4GJKjBGBVEdNuu0GQicT0GzORXUVPj0wFscqsiuv0Tv2Cw1SBKRl2r1lPrkEe_9Ka1BdACZoMRrbtfL2iCEOvFrbKNE_Z33Bd6ZuzW3E6tMFEMAonfSGgwDLn6gkygPoDazqH1zLg67WzJ4YaH8onbCk_4taWYgjGvLuGRm1zVGjLmNBcNWXECGwbSALccK3KYmvtCRKrKYWVTkej7q8rGYN2_hQngz2mR3S4vf1dwAW8XkqSsELvjM322QqTnVzO85HFLXtD5eKwsSLqMnGyBfKKQRSeYw1QqIWPwtx4T0L3oas-wxyTSQ2eLhPUliw8ql8C8O2pmPWoLBnRQOZUAgxNB6vHvS91m0km0N2E&cid=CAQSKQDUE5ymXfA4JiwvWngqv_RQC0tMDCC-hjAlXzFGhWSd-SfY1tNKxHmBGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.rinehartfarm.com&ds=l&xdt=1&iif=1&cor=9419217065652593000&adk=2191498966&idt=116&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

982ab4d8bc32fa0262edb5e56aa9536dd6ca6014f2634b43e4c6ef2e25047ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10959
x-xss-protection: 0
server: cafe
etag: 15636944064868061930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 05:03:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 285C 41 KB
15 KB 48ms
48ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:23:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame D5AE 28 KB
11 KB 57ms
55ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0YBYfdkK4A4cAfQSLJ6FKPuvnTBqz4NkAftgmD-IRW57VlugToYSLbxJB5qgzrBQV4Xhz8fynsqd3uF-xXY5xIKBZD4DjyEP7WBRwo3ZDMs6gDo4_1sN6aHmOxHB43FSpGbPGxBRGYwpe6PPpj8S82JILmLBEPEsZfTEn4SiTlb0bMxM&cry=1&dbm_d=AKAmf-DxiWvIXUrspbKQIbg--Jev13vE9_oUwmUaYd6AK1YCVs2fht9OT3C_9nMrF_22SoHbofIIXjgJw80wzOsfvChpgKj7cVdZUPC5YR9mvYji7LKMGG615yvmaiOcvDf7tgwOhBZxaJzGg8pj7uywuHuCIYyaqXs84DPaqO0TaI24ill4Yu9STZbYdo3h6BQ30S7853CAh07DxykLjH0aR2aFqAZqfL-zfA-OnGOd-MN0CTxrENgD80xuzFTWqk4f0C5RuaGE6YWc4VY8fOpAozmciCubGAhA9ESvpZT2JV8rkwjW25IMLd0anuEgb8PNIf4hWwT9pgFNB6lfwEePP1hFQm1dv-p3W35YIUMA9-FhS-6crtN-_c2cqEptihuqRsOEh6wODk930tHCawQG1b6NQNDbC8mD4z9rdNO5eA5xmbsOdHoQ1H3r2JYM3UPf7HrQXavszm9CVg1GsfffELYvXWM18Pp73DByjzkCfYAaeexeMCqZysWufmd99dBtlylabiQnmjH-O23i3GKdkW6LXxHfbqiDjuNte_c8wLXN-ZIDzXenb2fNz7I71zxV5D4HeoDeOGGq-W7WhPvXhDYxbOdkHYXC1UCFOQ5NXjQ5W-zQIjZXH0T5bUTtvTj1z2CIFftrHolGTzdN_0e6DVF6RnF2JtsI1TTlM_-C3WbliASwAV3kyD-n2F3M4MmS2iwDV2XP3LF5IoGq-DsDgbSspCAnLZW98ojjdiF3un0pi3Q8huu-jBMEg4I8MVtWVKfOH7jSmB2J8NJZrbJKOvT6JWDRlVc-JrA-OweMHexnh5xPdzwZ-PfAedKnP4T6Mku6prT9DRIjcegtVV7oA2-ZfNq3B0-74VmlAy0mX50xtF6cIAs-UtR6k8225NqnHX3ZHg0a7yINSwPfhWDGo_eewyG8ZBnh-UKkUyRel-1kewKwdt794G9p2hzryotIpf3eqgSN_otybcknuPDprRPaVgFKdTXgEJrtP-l-g7MwKNeS2pROHioOQo3im-YMMpQcomMsDBZZd0GO1NX_HboocOVOcc28c2aaXfcywdhW4rCzKOXazAJ2V8TQlnYg7XnCS719i6pJ0Ox8SFC83nkzRfzSpRPdD-8Upf17UvHe838OvvnvAeTaWvqeUNWPgqpvmJJ0bumhasssjl7gNN0e5T9eE4-q7PkkLkma4LqbCY7fw438456JwCBTm_YyKv8a56QLIGggyo47LCox2BXB6Pkb1GSW76q1WR7FAUrbsgTP5QxLwrzbn7YlvPHdKDg34KG8R36s8Kat7ArbP-4kPREwE6k5z9JkzTTQhVHOVi1VB6_o8QRByCHLzVi2J-6vM8saMtdD6erKUuqHtNohb4uMCa127KhT8_rAyU_iSgcKYwXvR-0Tpx4UXLBKL5yUg218URWbwi0Kvx0KEgqAPi1clTG_6p6cmkkmeXle0gKOGi6nTrQdcGT5BVSlTzN0Tza1gkZ1GzhAV-SRkNiXj7u6lhVdcTpHdhRnaMyDM4a1k6vGur-pSUWAaIXG5QsJojCLDHnabJdX6dU41aKQ9Ox5QqhgixCiWEMbexvv6DbXrv9r_UB6ZO7MQRPU562aFio31ToQce7C_Qqzyr7iII_htR8M72yMAaBH-7UNEZZmHmMdp68yONjYe9OG3kv1biTklERmBh05NOfGe2kaAlynbTfp2rqQhgpP3_D0gkt38USpO6ACJZlNSbhl2Kt-cjoCjQSyijAInwRRbITEFnnMt9sWKAKwidlSvnw4R2VpXZJiIrtS1PFIl9-MayO-sQKtAO8HaGp-g5ak_S7iZJgc3OdizU-o7xQZQKdgq8UzGGT0xxAlxcAmuWTbeng-WYLVkP61irz3sWrZo3V3-ryiKx3SAF-V1avR-F7__nGtFxtlOKGdSP4_y2iLuoCg60GEvXUEGYzYZyWrfB_uf1WruhcbpfKVeNstWzQLGN9QgBFzCCAK8D7a4PPjKserfNSPjsDpadNHvipj0adT99LTGXNB_pUkFwk5iYpTV5FyAlCziwIbktXmXggZPzNvT5RnBZGD64TB8VNvkJbpGwFUlWKi-GK-dtvBaXV7Vbs_28FXCJ2MkE_jaRMqKWwmgLAtHI6ArIvivNkquAjhPLEB0Dj4QnTe1EYDgEi3jpMK_rrfksbPqjVOU3egaB9Xl1mDED9zT2ohGVjzu6sWZbLc4nK7-15iVLDGNmaRVmeUoeNHkt8ncvfBSbdDI9mgK_nusBDC2AG3XemT2QydEimpS7bZcJQ-auHwmXt5bo2uvUACQsr4mEh-42p89SHJU9enSSS8hGKEgNxdNxKorKA6FmSlnHW_AHUBzpsR6Xo1CVQrX65fomDwPCJixozvwFjZi6BjE1Fg-mIYe10M_rYQqzoxUHe6lRbWwgtcJPiEimuVLxgwDosq0LXXkAcBrJT3SkyYQoeXSiqJWbIqpMVNonNEnBdpPTxzFkqrwxVeeDs_XsgAgwCoVBHIbNMkBj4Tit4ExZl6IXOSNbJFTWM1OqD5801acRuzE4vGqK7h5e6T-J0PLh7lfM9gUUEnhrDjMgl_4YRRZyQXhF62dF3sRyvt5IJURwl8jZUm_cFDpIdFbJfXCMItf7lWsiA4dPqjR3PvJYKEeUMRIsL_SM_4qKXjHtit560hK6XZaPMcoOw2LR3aUxWjVXyP1_s1TD5Jz3cmdLH-KI7xQfgeB5LEZB2RumzNTbDmVvCrVwukkqleDF7HTEcCkX1kSeQnl1AkLK-YktGoJ-XZ-hNCfmz9x15ccbiLAHnWurRjIQEkc69dopCI_2QQkyOc7Z9kz7YTClxTRdiW1ZyzeViDPUbo59G3eUJgTIWDG8IaHItN461j6vC_wDEYpvNl8SYKGL4o91djC8MXOU02yT4KtKbr66xyFL0Qsp-tf41fOTwz-DvNHW_0DH7T5gTVt-yjkBEHEbQWTKbaFTlIOhkpT9Imf06bUvHD_l8IRWr6fgT6MpJldMrkekGI3DywFwPySR95hRvleEgFk0fKZ3-DSYGQz0oEugk8muO073P0lWoenyjIvPRiuH-6IIKeA3J0wY9DixZ3Ls5ua0r0Kat6hbeI860E5jeM6P8fMbutRAKpRHXS-jA6bAEdsoooET-pDWxlLf5rdqEbILVWYlRso7cyQPLqBq_YMWRry_qNg5y8tIFtuNc_UkZkZc0BGRBbaAPNDF-yAdlXcL2-2ITpYkBwTasw2zlTQyqXOBIDiNfGhO2es0Ipr80NGziZZDG4ORdIO9gKWLjfSv1brtTmbW5PkkEMUQiTCOWTTl6uiwzDwPRLoSSj-Qk199VOamqnzK9m9pVXvPQCkAwiViGTRAAEeZAMyaGZthPMcDFbfyiCpyAQu9ItLdE3UL8npAnozYT_DeoLf8SSICzXnlhBB5TRxw&cid=CAQSKQDUE5ymAmTmNiccnEDp2aYSTcT3FXffOJUJIzAgfWJUB9Umyd8oFXuOGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.rinehartfarm.com&ds=l&xdt=1&iif=1&cor=13098166238546233000&adk=3336693039&idt=198&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

982ab4d8bc32fa0262edb5e56aa9536dd6ca6014f2634b43e4c6ef2e25047ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10959
x-xss-protection: 0
server: cafe
etag: 15636944064868061930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 05:03:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D5AE 41 KB
15 KB 92ms
91ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:23:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 211A 28 KB
11 KB 52ms
52ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ap8RfGqOwHSB039_VyAPdhJ_YmcWAgxjdauEjzBRKcs9kSyo_YMODt_ciMyZv9tgkyNEBi7ic-EvsnuhLk3bszUVMT05TooLJDXfQL3FwNy3hFAH4d1FZe_QzUj-srZmfT-apwxzzkaXpJgueaxMBQMUh2H14v64LRt5tock1PDiJ9HOA&cry=1&dbm_d=AKAmf-Ah1SJ3nqnuDGqKOHp92fOoDu0_sv4tk40bYbsQRv7fNJPGzx9dPJQsh2tKPX3FCOfYuqaiHVtJSy1AY-OdEHWf_WssrlWHVfW2_lpYwvGvg-tepJI7HQVUU-scQ1-Zx-PHwmo2qgPcWm_oCwHjFZ011cXsTvtyHMWQfF5dhu2CfNwm1zgxzAqJ0cHFBy6F7oMu7fJZpqFQm2vDMlzJEl925IjHl2lVtVBbOqSpt9JJ3boc32nUdeXyyl7_tnYdYXz5zW3kT_M6FVE8dng0x5uyowaOjWgQlnhUSdIXN--kP2i9nkhQvZzkOz9JAu5z5cAzurVWThU4fuW16ejbmXwL3enyxDeO3ZKqLdqmcH3G1vbTt-yMrTO61JbBMLxzSbpmNqaMutXHzQwFLviJgmsfnTOcspnrhVRd7n4VGklJoDlPRY4CUfMbM7viylSoz2PGiN7w8RGQpXYcaTGN6Ob5JXq4dROA34_jVGz_aOjp63F160pLYVm5jmKg-7wwUpkCDx_OPQLdkN5JWf2qxkVTRr2Nwfyypc1CqH7HdBazPD0MpwLPENL1W5WUAzcVm7OK9SsR6IXHD_MVZMWZNL8X_ipefxrmt6yyE4jjN0uOg2wqQJ66_dSTgIqD47j3-zw5rRATktYAVs4VPCODuXN4_a2TFWHt8VBXokYo-JstSlXDPYwfw4EDY1NOQEgWda5ULc293WeCfoAxGtl6rCwnn7Y1qhzugLkc5BvoTvmhd5cAWi5Ci2Z2npy5XDNaOYWdMK1DIJHm_tvRZSz08gBAnALFwyq3GkvgqCf4M0Qx6I2PPKs8dWrIPC3SR6RdzbWwhlWhh52hWZFg6g6MY57BAxd_NaIm_oPy3xwhygpmHTxXsJ7BlvYe1zqH0ZNJCSgUBAE9j_meS6SK0dSr4gX5f3NKzrW8KPQZ5aTm6lhNmd1a_AqO6DeWqDGFfDLIxrmOcBw1LeG-mRcEqjEI4Xn_CyPX3n_jsOxpg_MzwhtduCPEExYLfVIW2rTOCsy2rdhukT6GfGycUIhC8B-hfaD9oN2H77wnoVQaUO3iwi02u_ER6dpsNL0zkt2GOga9FUCUxCu_6hsDUYfxlqNBJLV9DokSOgcl1JcYB1fEfCbSkYoxGpJhjh--cITM4FGJz4el-hdvvIlAP8JY4jKjlKZ6kiUAWmdM_Xw_GCvOfRdDqlYusAVSqByGfLyehDV_3cFbGEDJcNF7Un7IlPEnKGV1LA8WZ422CJD2KjnM8wvl9V5Ll6mMTmpuYNu3KKfSQ_UFUVim7YxOvCkSTihcdrewevIBKrhv8Ia302O8_pcbA4Nn06ERlvOmBVSfuA1FVrdxBfHN23Om9Yq2KecOpCiUKhjSz2arC1nodWYkCfIrkGXOZGCccJUQy9k3L-O2Pwvq_UAeoNER71wLKj6T3-4lfNlmnPtRmPkf7nbq1sAE8CYXxh1nPQcj4ZQn5Pwazheixht2GVxAQ-o-0X-hCskwe6XToAnYDLgV3slc6jsMoNkz-PF06yN9lUa__AswWHS3BrrdVNovAsSM60iovtcvhT7m_grwSVhTuXEwRUFc_t4MViJi-ZTNRHDQk-78tpuIbfuphZKNc-MOktGeeyClZkIbnY2ywC8Reqnz1yIOhZyhjq3HNCbffIqVGAXZWI0Sh7PtzG2fl9GvYtwZSjr2LUNFb4k8KV00jjgjYY3j0saTxM63h4bTSbEEpP5-g-r_oZBbvst94PVrh4K3If2K_kz7f-d2xcZb0I7r1-KNHKgyceDBj_Y7rR4Tw_4opQtXYbHGaK4P-KobbS5-eV_oxzy3vCgUJJAOCY9NAfiPrk25pYe6flPEKIhLm26GGFOOYeZd6F6qeS5-azEWZFZ185xkelQ_T0z7BU_wDaHSQ5FDpjAEzsG8VHysNFNzFDt3yq24Mb8-qJIFmmGPgBbgWJ9Ti_fje2Z8FMy-Cam22awX5Aje6AGmojXfpbQcTt8KkMz6uLNerR0UXHGcUUC410A5Ndyh9QLdvoX9zDb53kSHMToM1E9LulaWx6ytFW_uB-MSOZ2PwhlQ_4gYqsdaEY79XcEwsMQP4jtK-X9E68dt5wHQpZEKJto5FEogMuE3RIHUcRB1Ine6iWixHA8FuFJiO1Pza6Ta2ZwKqnF05djq3TFLrME6pj8c3qwI9rDm8AKedi9YgSs1bxwLrS-rKu1DjWOodhs8rdgw9gTdXFvY-zfZRw2zfRAjCgnTrNhAgm5DRelSpmJ_2OhZi8xAzqwmZLSG-xqcXT9-AQy9qebEbG8O9bi94bK4ExJNfiVUHv_moJsWm1X551119KHenXE2vKc8pgwsXJ3X37-1bsPSgQ6J-gkyPwIq6_AG501Lk1gPXNCtdeaDjVfyoTc3aHb7aX1v4W4A-dRpqmOG5yI1SqyrlO0yz7zzqYpyDVGJuJs-OFTmUpBo84lrl_qVbh-GFTyRsaFCamIkeWnz81LsA2tQVeZO8tcUvtw7bkVCOf4XuN0xHFarqWfHJRs-fhivhQ_v0rW58E-GhD06IytlmElN3RaDx5xVG-2qI9lN7leVTw_qMXdLYY7NvEgnjIayVTzc0BvcGlMphWVg1KujoZuuqxTYE2rzqjXYn6DMTfdra8OXMNiBR8hdS7GN12i0dZ6vhZLJVHQTZgA30MtCX3CBOJ2_DEsCbqoqyC0tuwGb_np6aVNbSVYmf2DyZN1FgcCvgBbhY6N9Urx3f7qT96snnoFRo9Mt3Q3wv60MvZO4BjnASFr3ZFU96iWR6xk1eXHEZAYkfTSuu5g_22rak-NcfFtaPBIztiprSUCAY0E2o5gsiAM8fAKPQUGMoDg94cEyRgXEkyPC9Mli6NrV9x0nEezPo1br0zh8tJJ7d4G03EaK17_llUddb2wcj9Q-cLEj_oh7V-pjrDzNq77aur8ILQh371SYer7e7T24T5_gDshSDDOeCy1zY549VkQuRc720J_a3Vl_2puM-B83BOOev9uu4sT183kLU-msHrcrSMzOuTtCpr5vZvPyZolzm5AuiwcTiVX1-oTnUIjGRCXyRZdBzVVi9OV4nS4BFeyNEyiYslyB45PYBR8umHAJ87-0JSTdXhqMFgGM05XFACZBHRsiuQelUGy9-bQXzur5G89vvCQ_XbyC7eLFxYFH3WcbTkhrFvE7_4oEbN8ugWXhCLchHt1SElrzz9akQ-txt6BP0CDtkJZpud5OtBPw_Rkv-UTZPhYUySI20zIxi5rX7egD3V1qm3EHe_15zAXMH3oYEeOfz-Z9BOC6vPHnCWkCtal6zgwSN3zxJuX4y6RwwltKa25X_SeHHDnCdUPXHAyrpG7pEN3T-iPwk_vkfqtIiBse9nJu-1IvQJEadD-9PVmVsBMeJDAqURYV0GLHKtsj-abQZSkEYjR64LSAPw&cid=CAQSKQDUE5ymHuoO-SplsPF8NscA88tN2xbFj0q7mSveDS-LxhTHz6feYz7ZGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.rinehartfarm.com&ds=l&xdt=1&iif=1&cor=14495044957231167000&adk=608880704&idt=197&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

982ab4d8bc32fa0262edb5e56aa9536dd6ca6014f2634b43e4c6ef2e25047ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10959
x-xss-protection: 0
server: cafe
etag: 15636944064868061930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Mar 2023 05:03:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 211A 41 KB
15 KB 85ms
85ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:23:19 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 285C 43 KB
18 KB 353ms
93ms Script
application/javascript 65.109.27.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.27.133 Tuusula, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.27.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 17 Mar 2023 15:32:33 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 17 Mar 2023 18:32:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4932 1 KB
643 B 255ms
46ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 11352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sat, 18 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 285C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3117d3971f58516849e1f6c636ce3fc64faf6ae21d65700d49bd816272ae8119

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 66BB 22 KB
8 KB 98ms
51ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 520611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 285C 0
20 B 80ms
80ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BH2prEIgUZMS7I92I9u8PidqxkAkAAAAAOAHgBAI

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame D5AE 43 KB
18 KB 258ms
96ms Script
application/javascript 65.109.27.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.27.133 Tuusula, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.27.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 17 Mar 2023 15:32:33 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 17 Mar 2023 18:32:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 21BB 1 KB
643 B 83ms
48ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 11352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sat, 18 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D5AE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3657e18bca9543e44c6bed6f48f74ce467897bc57b7a94c2294924250a7bfdcb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg Show response
ads.revjet.com/ Frame 211A 43 KB
18 KB 259ms
140ms Script
application/javascript 65.109.27.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.27.133 Tuusula, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.27.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 17 Mar 2023 15:32:33 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 17 Mar 2023 18:32:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 171C 1 KB
643 B 78ms
50ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 11352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Sat, 18 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 211A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf303fa2f2c27124090def7f34ddaa544a097f60608a4d27da25220ed6a52f8b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B7C7 22 KB
8 KB 74ms
52ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 520611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7B4E 22 KB
8 KB 72ms
55ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 520611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 68E9 0
0 110ms
83ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031401&jk=2287542896518469&bg=!2tml2Y3NAAZEjmHWZI47ADkAdvg8WnuweOAZIIUk14NxcY_gMLG35SQlAyHC-HPH7Xjvx40X6qe-A7el570OP5l8LOOZmkno8PsCAAAGKFIAAAAEaAEHmQKxI6mj9RRvqECYa0l8PMo8UuRsauH-E5VT0O81V3r5VjiCkRWB1exOO4S118uKz6L755Rz_eB_uHV7mfiEhDIDL3LIaaxp61ThJ7D6A0Hvjg3w4_fiQ1gxp4rKOciPYPRMmlJLM4ip1gdHn-yHPDZzvxgpcTQloS-Dn0Zqx87zHrXzjWhyPzpO_3pNthTcrJtFwO9aMZ4uKcrq6NukMKm3dPfVZVjZh1TIKiFer6Nio8DCXh4wYll-xKWFy6LlMIZAFWBELsVW4ZzOantH5f2juOtYYIVjkxZbrvSYBLDlhoHAHY9cn3-DtnamwzFJZP6hDDtB9CqSrU0BY8nqqL1PDDlkB6q3bDy-xbL5WrEcJup1BJMGYhig06XlXjkZbnWk-1uXbHmZGw3KRirMPF-fwkNNZO-tJcZNT4xX1OT0RCnSiB66LAnIfUrsjLrvFACqLeC9uf40JUpDTh-SClJm3O1vQVlfKCtYTnlX7S41VYNBjNoFsLK_Fm5PP7Yds-AMIPirIqxnlgrFWoghTeNyd6BeMt-0DgluMi1W9BShtmA6X0nHcCnxo3OPPiuR0lyzUWOMONmrslH9jwMERKh-dw33aUvAu3hxR7M9w6-ruUz3gx3HYhj99CrlkqmhlZ1FVPtpIjFNhhQo_QmfsvNmi9sYuiH3OhJdt79WbQsffFZ_M8xArF95k48ssc_YvPk_ATYEZNK7MmM-j8Wv8nElgNmpzAGA4X_1iF_5pUDRcIj6E0I9lLc5enNQKfBT5MkIUB5Pkgj2sKyTESGybO-_Z7x8cfi5GypM2-Aafnc25pnKEhqf5-fAxIRRxXBCroZ8fvJSNl82Y7cn09SsSpaG5lm8cTI2V0XGKY0A5uRtP2KGLpLEuhEnMY89VTrR7ykIqvM3YDehwfAmWETWahe5lWU
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4932
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJLCIpWojQa5lZSnJvQDfeQ&google_cver=1&google_push=Aa02lx-SmpQaEzj17LhDpQWbj7gABkSzQPhbIRuIJiSlW5mGaOixOH5fNdNXuPqiX9xhzm85ocX9gzGZvAzo0P2D...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-SmpQaEzj17LhDpQWbj7gABkSzQPhbIRuIJiSlW5mGaOixOH5fNdNXuPqiX9xhzm85ocX9gzGZvAzo0P2DMsspa3WMcrQp

170 B
188 B

110ms
101ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-SmpQaEzj17LhDpQWbj7gABkSzQPhbIRuIJiSlW5mGaOixOH5fNdNXuPqiX9xhzm85ocX9gzGZvAzo0P2DMsspa3WMcrQp

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 15:32:33 GMT
Server: MT3 569 46451a0 master cdg-pixel-x28 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-SmpQaEzj17LhDpQWbj7gABkSzQPhbIRuIJiSlW5mGaOixOH5fNdNXuPqiX9xhzm85ocX9gzGZvAzo0P2DMsspa3WMcrQp
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 17 Mar 2023 15:32:32 GMT

GET
H2 502 setuid
px.ads.linkedin.com/ Frame 4932 0
0 361ms
204ms Image
text/html 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHBzlYqRQYKqFxPCNNzlhJM&google_cver=1&google_push=Aa02lx_59-PEG_wRNu8764MZI2qwj3PXrcVzKqe49uVg9Ak4egGFNSrDNCtuzZXtT-znyMUBhP62UtkqIg-SfA0CQ5tvVZxJC2P4
Requested by: Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4932
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPLa472BUHgdW2RXcdLQjRM&google_cver=1&google_push=Aa02lx88qFDyIY7cHlcE7GCfbce4OnpxRQVpcCY5dRdxBmC6peKhjt2DlAFruXRpmNj8cnKunk0yilYZDdP...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx88qFDyIY7cHlcE7GCfbce4OnpxRQVpcCY5dRdxBmC6peKhjt2DlAFruXRpmNj8cnKunk0yilYZDdPT3TNYieUNtvHU3Feu&google_hm=pQMaO2QPRPCd3JHB5_7T8y8

170 B
188 B

58ms
56ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx88qFDyIY7cHlcE7GCfbce4OnpxRQVpcCY5dRdxBmC6peKhjt2DlAFruXRpmNj8cnKunk0yilYZDdPT3TNYieUNtvHU3Feu&google_hm=pQMaO2QPRPCd3JHB5_7T8y8

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx88qFDyIY7cHlcE7GCfbce4OnpxRQVpcCY5dRdxBmC6peKhjt2DlAFruXRpmNj8cnKunk0yilYZDdPT3TNYieUNtvHU3Feu&google_hm=pQMaO2QPRPCd3JHB5_7T8y8
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4932
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEKFpkF5kJOeBmVF3z9woZ0&google_cver=1&google_push=Aa02lx9w-JPt0RKvhEROFbcUVPpzZKbUeHt3WyMsVMkz_Id9V3QxMC907DyMcnNJwKBLPjdzUCRagKbQc1fqg_...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTUzODUwOTkzMjEzMjQ5MQ%3D%3D&google_push=Aa02lx9w-JPt0RKvhEROFbcUVPpzZKbUeHt3WyMsVMkz_Id9V3QxMC907DyMcnNJwKBLPjdzUCRagKbQc1fqg_Q4pb...

170 B
188 B

64ms
59ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTUzODUwOTkzMjEzMjQ5MQ%3D%3D&google_push=Aa02lx9w-JPt0RKvhEROFbcUVPpzZKbUeHt3WyMsVMkz_Id9V3QxMC907DyMcnNJwKBLPjdzUCRagKbQc1fqg_Q4pb8u0nvGn4yo

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTUzODUwOTkzMjEzMjQ5MQ%3D%3D&google_push=Aa02lx9w-JPt0RKvhEROFbcUVPpzZKbUeHt3WyMsVMkz_Id9V3QxMC907DyMcnNJwKBLPjdzUCRagKbQc1fqg_Q4pb8u0nvGn4yo
Date: Fri, 17 Mar 2023 15:32:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4932
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFsoee20JZk4zSXp0W5nEfs&google_cver=1&google_push=Aa02lx8U8y2bKQau6p6dSYB76SuRoHpwPn6ZPFMtvipe6OB2r3p0NlUahMK76w-XWAcZOF_YGHkgWB92kfQK0iw1h6Nh0qt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8U8y2bKQau6p6dSYB76SuRoHpwPn6ZPFMtvipe6OB2r3p0NlUahMK76w-XWAcZOF_YGHkgWB92kfQK0iw1h6Nh0qt81uEP&google_hm=eS1ETTBTUldwRTJwRzZDVG...

170 B
188 B

103ms
99ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8U8y2bKQau6p6dSYB76SuRoHpwPn6ZPFMtvipe6OB2r3p0NlUahMK76w-XWAcZOF_YGHkgWB92kfQK0iw1h6Nh0qt81uEP&google_hm=eS1ETTBTUldwRTJwRzZDVGxTeTEyaEhZcmlLTUdjZmhLUH5B

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 15:32:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8U8y2bKQau6p6dSYB76SuRoHpwPn6ZPFMtvipe6OB2r3p0NlUahMK76w-XWAcZOF_YGHkgWB92kfQK0iw1h6Nh0qt81uEP&google_hm=eS1ETTBTUldwRTJwRzZDVGxTeTEyaEhZcmlLTUdjZmhLUH5B
content-length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 4932 0
44 B 929ms
290ms Image
text/plain 54.64.126.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEFXVJ9sfbvRD5TuxzKpnZWM&google_cver=1&google_push=Aa02lx-7e_h_61KFU5pke5R4o_9MZD4gYBVIWfFqzJVqVAuib_kJem6oXExTLpC-ea4pyygjv327-ueTkZPKNDdxTSEmxQV8LKuP
Requested by: Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.126.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-126-195.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame 4932
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC26gR9CJLqNC5qvbk_ITd4&google_cver=1&google_push=Aa02lx-H6SWZv1NP9P9EZZ0CG4PPA4foZwfKSdmpO0H2yN1SNrR-8qNl0F7enebk9GHKtvmidRefYU34_s5...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-H6SWZv1NP9P9EZZ0CG4PPA4foZwfKSdmpO0H2yN1SNrR-8qNl0F7enebk9GHKtvmidRefYU34_s5hRjvBvoENuKQHbCpqrw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

92ms
51ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4932 0
12 B 80ms
50ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2mA048TmuejZkVsfQKhjG-bAquSqz1yN_4AsRuJdTxfK7LXES9-0p8rodOKbVqmz7sjqvVA

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7DE4 0
0 83ms
83ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031501&jk=686452993253964&bg=!e3ileCzNAAZEjmHWZI47ADkAdvg8Wj5mkPu91qcaxTH7QyiQhXBsgWrlxvfjucykVMd1usv3v7ShhbMWLrmGEGM9A8rb4b-ssTMCAAAGy1IAAAAFaAEHmQK9K9SKSIt4nwCPZIYtZ5ZCMlRGL7AfP0Lhts5QT_HCG1LNDYljAvIBQJC8EjUFa1RKmSvCI0kKWN3kbBkx68QkMyOO3LzWL358IYF59KzNGiEugfS7QkM9JhRkFLOenctCkaZZkmBGcEN_oqiF_yrMjrjT1MCY60TTHTe81GLkwp6EKXQLyfBrPcCN0q0Zmx2XwyBxIpdtihNFA1YoPaPwrkhjZj-Dp0yr6wsl2s3qoHaHIpzW_n7YH0MIkp9FwtGX7WUXpGWaYu85eNM-rw9kvOU7_x4Ub95sDK8SdKBaSLyx1QarsSQ29Rq8EqhsCHcaYS0ju41R_Rj7hITW7KJ2uGQxRX-F4xKQ2wuhfQZkZ041hEO-to4ncbVm55fKcdoFg6zSvE9i1lyayPPeU5umF0m4lCBRu9OlslZfqvqW_EMiBG9GBDlxz4MNisIn5gqioV13IoMf6b28uVpbzZVJ0fzHSU2cpCzjVUF6MbLfGDLr0q07lcDPwCK16IhokFyzB_Fr28oKTgPJQ9Vmig_0dHG8SlPS3KyKSY4TKYaROMr1o7ebkcJvLaaRpZB1niE5__WhgQh6mA_17GnPeOOKyViffEMiD2o14vdX6dauV-TuDOD40Y_EK2WcRE9A-c5xSLz6e6pLdpTn9j-C3q1JUuJt1WZv3s0yks9zSCvWSnQFsSsi1B6bKRrr_CjZe8Y8VFfbTPGSGIq82j3u7J6y-ZHRnQujbZTvYpVw9YJSZEsfwBUSeEyrlt-Kh4LdQJZo57OhPjK9_3L2Yx-4YKeRUXSovyBlUQErmab76JPoy5AQPlS3H0aEGyp4PB79zO6EoSlgAXWqbty2-TatKsBcPqUwVhVUvmWsh5BmziXPzr4KqzKye4-kYRat-CGbRCD7mbHAYpmjEEJWMI3IgtmR9T6RhOIsCAHHo_a6GTU
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21BB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFsoee20JZk4zSXp0W5nEfs&google_cver=1&google_push=Aa02lx8qq9cI4Q3-lGIEO7rcRM9MiTBGQA9YK9iXhnWm3i5lZfpmhgFYjXIdUrKM-j_QdEkM6bNn27HH1-ZcH22qxZQcbzG...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8qq9cI4Q3-lGIEO7rcRM9MiTBGQA9YK9iXhnWm3i5lZfpmhgFYjXIdUrKM-j_QdEkM6bNn27HH1-ZcH22qxZQcbzGGK5Bm6g&google_hm=eS1ETTBTUldwRTJwRzZD...

170 B
188 B

100ms
99ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8qq9cI4Q3-lGIEO7rcRM9MiTBGQA9YK9iXhnWm3i5lZfpmhgFYjXIdUrKM-j_QdEkM6bNn27HH1-ZcH22qxZQcbzGGK5Bm6g&google_hm=eS1ETTBTUldwRTJwRzZDVGxTeTEyaEhZcmlLTUdjZmhLUH5B

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Mar 2023 15:32:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8qq9cI4Q3-lGIEO7rcRM9MiTBGQA9YK9iXhnWm3i5lZfpmhgFYjXIdUrKM-j_QdEkM6bNn27HH1-ZcH22qxZQcbzGGK5Bm6g&google_hm=eS1ETTBTUldwRTJwRzZDVGxTeTEyaEhZcmlLTUdjZmhLUH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21BB
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJECV9EsxS3PL5pH72l_U74&google_cver=1&google_push=Aa02lx89lGGLGVrR7jdd0pMTtSBZ6H0bM4TPRv1HH_Z48ZCg9vTIzgkL5HkB3jSnwPfH7-LXKQC_ILrg5t9jgZt...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M334y9tHXB5ZN1r8jJiTibBDVi8&google_push=Aa02lx89lGGLGVrR7jdd0pMTtSBZ6H0bM4TPRv1HH_Z48ZCg9vTIzgkL5HkB3jSnwPfH7-LXKQC_ILrg5t9jgZ...

170 B
188 B

59ms
58ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M334y9tHXB5ZN1r8jJiTibBDVi8&google_push=Aa02lx89lGGLGVrR7jdd0pMTtSBZ6H0bM4TPRv1HH_Z48ZCg9vTIzgkL5HkB3jSnwPfH7-LXKQC_ILrg5t9jgZt4z72uZuH_87vTyQ

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M334y9tHXB5ZN1r8jJiTibBDVi8&google_push=Aa02lx89lGGLGVrR7jdd0pMTtSBZ6H0bM4TPRv1HH_Z48ZCg9vTIzgkL5HkB3jSnwPfH7-LXKQC_ILrg5t9jgZt4z72uZuH_87vTyQ
Date: Fri, 17 Mar 2023 15:32:33 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21BB
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELWOcdMEr1reaVVoRMYGEcw&google_cver=1&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9W...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELWOcdMEr1reaVVoRMYGEcw&google_cver=1&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9W...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9WUKbuIEYavve&google_hm=GU4EsGZHRvKLygN8R_WRhw7u

170 B
188 B

57ms
56ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9WUKbuIEYavve&google_hm=GU4EsGZHRvKLygN8R_WRhw7u

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Mar 2023 15:32:33 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pByRATtqTQ_g0knfavw10P10QoUoi1LzjgUyO8GZc1XfZIE8GVcnp8_nG1MbM9NUy9SaYwD9AEukRagi9WUKbuIEYavve&google_hm=GU4EsGZHRvKLygN8R_WRhw7u
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 21BB 0
35 B 278ms
39ms Image
text/plain 18.194.168.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMz5zIw5lTAP21M-luP8VKU&google_cver=1&google_push=Aa02lx9jhkx1t1bBvySBeMJnEnXB-auir7kxfnLq1Tc_mnxfPCOudWMWcN_TYI3aWKA6N-ojts6aYxkFBG25WjTDokPgKA4w13pQ_Us
Requested by: Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.168.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-168-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21BB
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEKGmD4CUHpdylgiGvoYrPJU&google_cver=1&google_push=Aa02lx-PRSzLzqXNMNfYyEMKN9lWsXV4hHMes0KURyawRXOYztAEg44srf-vbl0a98kiXrSIEi8HhGqaBxcd6vqXf6jKkgeff_Vqens
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YWU3MjRkZmYtOTI2NC00ZWRkLWE0YmItMDQ3Mjk5ZWYyYTM3&google_push=Aa02lx-PRSzLzqXNMNfYyEMKN9lWsXV4hHMes0KURyawRXOYztAEg44srf-vbl0a98kiXrS...

170 B
188 B

76ms
75ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YWU3MjRkZmYtOTI2NC00ZWRkLWE0YmItMDQ3Mjk5ZWYyYTM3&google_push=Aa02lx-PRSzLzqXNMNfYyEMKN9lWsXV4hHMes0KURyawRXOYztAEg44srf-vbl0a98kiXrSIEi8HhGqaBxcd6vqXf6jKkgeff_Vqens

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YWU3MjRkZmYtOTI2NC00ZWRkLWE0YmItMDQ3Mjk5ZWYyYTM3&google_push=Aa02lx-PRSzLzqXNMNfYyEMKN9lWsXV4hHMes0KURyawRXOYztAEg44srf-vbl0a98kiXrSIEi8HhGqaBxcd6vqXf6jKkgeff_Vqens
date: Fri, 17 Mar 2023 15:32:33 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 21BB
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC26gR9CJLqNC5qvbk_ITd4&google_cver=1&google_push=Aa02lx9_co64aMq9N_bJ-slrG2eBgTS2vYghkfUN3znyxfQ4erpQpm60zPwn7z2AIOBegwZUhCPn6gM6T8c...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9_co64aMq9N_bJ-slrG2eBgTS2vYghkfUN3znyxfQ4erpQpm60zPwn7z2AIOBegwZUhCPn6gM6T8cTLGGmaRHBwg8eyouywuY
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

91ms
50ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21BB
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEI-Geko2_tgIjf1zCuY_21M&google_cver=1&google_push=Aa02lx_EH8qGnw3uWqWf256VDPZsWGHUWpnuxnnyxF5o0tXIqjaJMZalOKm1VW9Ct2wSYh-YlnpP0S2BwwiA9WFMsqie75hqq...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_EH8qGnw3uWqWf256VDPZsWGHUWpnuxnnyxF5o0tXIqjaJMZalOKm1VW9Ct2wSYh-YlnpP0S2BwwiA9WFMsqie75hqqzAFA2Q&google_hm=821d8b1c5ae...

170 B
188 B

54ms
53ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_EH8qGnw3uWqWf256VDPZsWGHUWpnuxnnyxF5o0tXIqjaJMZalOKm1VW9Ct2wSYh-YlnpP0S2BwwiA9WFMsqie75hqqzAFA2Q&google_hm=821d8b1c5ae7c24dd9a346e89e996ca0

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_EH8qGnw3uWqWf256VDPZsWGHUWpnuxnnyxF5o0tXIqjaJMZalOKm1VW9Ct2wSYh-YlnpP0S2BwwiA9WFMsqie75hqqzAFA2Q&google_hm=821d8b1c5ae7c24dd9a346e89e996ca0
date: Fri, 17 Mar 2023 15:32:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 21BB 0
12 B 65ms
60ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6kIzS9ZvGaNXXfdqwJdEZS6NxKi1bLDUrZjJO008GzGGhmiWkVjn4ryGz3Ec5P9Dhu31uKbg09A

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 171C 0
104 B 310ms
72ms Image
text/plain 64.158.223.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOlc0NSbm1MLpiXQR5Kgt2s&google_cver=1&google_push=Aa02lx_Xzgoy-IOpBSq8EaHKKnsJHhea_8sr7V1uSU0dYbYyb1pOkEOpP1MHzTRvrEbfFiE0mjQPUeQ3pYLjMroRT8jTc92ldGOu9A
Requested by: Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 171C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKebJtux3sxMD0ltAxtN4p4&google_cver=1&google_push=Aa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDl...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKebJtux3sxMD0ltAxtN4p4&google_cver=1&google_push=Aa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstv...

43 B
418 B

220ms
219ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKebJtux3sxMD0ltAxtN4p4&google_cver=1&google_push=Aa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a964a0e4b2d35c0-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 7
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKebJtux3sxMD0ltAxtN4p4&google_cver=1&google_push=Aa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_V4IQvnbuAq9a_L4JvPzoO_fqq-B4ygDIktC5LgijbtDFQld1gjpZaSjuVRLlnwhj20v4F0vMaj_u2yLLwa072fvwHstvDlg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a964a0ca91835c0-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 171C 0
173 B 276ms
40ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF-nUkYJV5XorbA7ts1ZfdI&google_cver=1&google_push=Aa02lx-LQscsB2Hsy-LqXBXeCzwQALM9pS6gOPFah6gGuxLf2syKuk8qOX5j5Bg642KrjBh3bN3mFHAe1RS7mUCtMTYSdwuJB0IATw
Requested by: Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 171C 0
411 B 822ms
195ms Image
text/plain 72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx_nWr9AqBL71CkwIbFKPaLWNb5tbG45hemyjqEn2bpP4KDw1nhankpxbkwohoob2ixDPK7Y8DeZ8sxdXS2ZKCQ5-t4w_uU6og%26google_hm%3D%5BUID%5D&google_gid=CAESEFvaYHklXGNlxwXcqLJqyYQ&google_cver=1

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Mar 2023 15:32:34 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-29
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 171C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHjsEWW98yoHQjXF0bQ4wFA&google_cver=1&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyPq
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyP...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMjkxNzcwNzUxOTkzMzI0NjczMQ%3D%3D&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2...

170 B
188 B

77ms
61ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMjkxNzcwNzUxOTkzMzI0NjczMQ%3D%3D&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyPq

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMjkxNzcwNzUxOTkzMzI0NjczMQ%3D%3D&google_push=Aa02lx_K6mHNFmYPPnLV_6sw50ERTuL2yHVKEeXYKqPW-TWodt-Bu9d2Lz_1Jeq-LGPi3oxWQIbOqCqKIOMssbZKcULrbOLFNyPq
date: Fri, 17 Mar 2023 15:32:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 171C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAcjqs1_YCt9g56H0CcexAA&google_cver=1&google_push=Aa02lx8tWDa9ORIVp1vp4BdK6SiiWzUXNjtPnMyCNW7dDDBLTo0y09Vdi90AeXMl9P-KVgJr2S...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xeTVNT0gxRTJ1RXNzVWVCREVoR2dqMGhBMzc0aFFOWH5B&google_push=Aa02lx8tWDa9ORIVp1vp4BdK6SiiWzUXNjtPnMyCNW7dDDBLTo0y09Vdi...

170 B
188 B

61ms
60ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xeTVNT0gxRTJ1RXNzVWVCREVoR2dqMGhBMzc0aFFOWH5B&google_push=Aa02lx8tWDa9ORIVp1vp4BdK6SiiWzUXNjtPnMyCNW7dDDBLTo0y09Vdi90AeXMl9P-KVgJr2Sdyfe1_mWvYOEzkK1Z65ECGXD7fTAk

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xeTVNT0gxRTJ1RXNzVWVCREVoR2dqMGhBMzc0aFFOWH5B&google_push=Aa02lx8tWDa9ORIVp1vp4BdK6SiiWzUXNjtPnMyCNW7dDDBLTo0y09Vdi90AeXMl9P-KVgJr2Sdyfe1_mWvYOEzkK1Z65ECGXD7fTAk
date: Fri, 17 Mar 2023 15:32:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 171C 0
34 B 274ms
39ms Image
text/plain 18.194.168.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMz5zIw5lTAP21M-luP8VKU&google_cver=1&google_push=Aa02lx-UB71dDElDr2O4ztbWwCYT0H7g_tcD6kz4wcbIXWrMCZaNr9IKn9sWfXqZiIn_bWJO6iOHeryRVuBcwOtLQyT4iSg_3DeAJA
Requested by: Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.168.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-168-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 171C 0
12 B 64ms
61ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcKeySc13AniWTgcvn7WS3zrHnqKlS8DK36q0-MpmMMb58DT27nUsBwHkJm8cD20Zh8ni3Yls

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame 285C 20 KB
7 KB 236ms
23ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash: 194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 07:30:07 GMT
server: ECS (wmi/FE8D)
age: 499
etag: "638857ff-5088+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7398
expires: Fri, 17 Mar 2023 15:42:33 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame ED4B 2 KB
1 KB 210ms
8ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Ff5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-origin: *
age: 72
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Fri, 17 Mar 2023 15:32:33 GMT
etag: "63e39f32-744+gzip"
expires: Fri, 17 Mar 2023 15:42:33 GMT
last-modified: Wed, 08 Feb 2023 13:10:10 GMT
server: ECS (wmi/FE8B)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame D5AE 20 KB
7 KB 230ms
25ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash: 194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 07:30:07 GMT
server: ECS (wmi/FE8D)
age: 499
etag: "638857ff-5088+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7398
expires: Fri, 17 Mar 2023 15:42:33 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame B5BC 2 KB
1002 B 228ms
31ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-origin: *
age: 72
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Fri, 17 Mar 2023 15:32:33 GMT
etag: "63e39f32-744+gzip"
expires: Fri, 17 Mar 2023 15:42:33 GMT
last-modified: Wed, 08 Feb 2023 13:10:10 GMT
server: ECS (wmi/FE8B)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 66BB 36 KB
14 KB 49ms
44ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame 211A 20 KB
7 KB 225ms
32ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash: 194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 07:30:07 GMT
server: ECS (wmi/FE8D)
age: 499
etag: "638857ff-5088+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7398
expires: Fri, 17 Mar 2023 15:42:33 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame B667 2 KB
1002 B 223ms
43ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fda01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-origin: *
age: 72
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Fri, 17 Mar 2023 15:32:33 GMT
etag: "63e39f32-744+gzip"
expires: Fri, 17 Mar 2023 15:42:33 GMT
last-modified: Wed, 08 Feb 2023 13:10:10 GMT
server: ECS (wmi/FE8B)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame B7C7 36 KB
14 KB 46ms
45ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B4E 36 KB
14 KB 54ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 936E 0
0 125ms
115ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031401&jk=912579993772664&bg=!UlGlUQXNAAZEjmHWZI47ADkAdvg8Wq0GYnQ2EHPE4pzjlWPbtRovUHNMNeHc_E5_-rqqVxiavPAEgqP-Y5EVBE27pU0MRhDmpc4CAAAGAVIAAAAJaAEHCgBzdgb8MSNdBT4Jv7BvdgTkuEffyEVmDhzA9I19uxeKnVNYWUEkM9cl405_ot3Q7V5YI5HsdKExzhIuoNpQW3GdTbobk6ox3ELSTEiKSjj-vbrINY5qGLtV27GcdJTHXiRXY52JVWpeK7vXZL7EiZJFmA59gpkCsQ5J3VAzW6j2B-f6MZ5Js8YsGH3rRktuARuXl6DBeMSna_rcyvYMQ9l5LuA8LLRx2AKBZCCdXxt7Sm_Ekip0mQgAg7C9olvLckmGmicIQj5ApIDvD1uPryD31CHsWgdWkJJhYHfM-yKvkmy65aRX-POnNYS8zQ7JGe6mxeFBCB7n9XuWBAe7cLODuEQyvn6cSBE5WimGR_jYdwkMul7pV3F6hUUVQ3VqdedNJWoPbkL7kOpv6XtHGfsPm773-moLEWSDzKzsoGYyQcvhV4_q3coFi9YeLPo_L6ThYwdfurUdgoWgg6Y12xBYUSghOo5w3NEwdKhGbeCY_1tjaALKeFI4ndB0UL3DHwjWimwQ7zhRou6WJXBofMus6t3ELQgXiiBZvykP7F3gzOSRKduezHw0H-cPeeSt28p3ksZe4OZVPjcL4kNxxLTOLjYMu_dkvktquxTRqYCScbpaEkNFort8UmdjtQbMLKshnA-bQwosFYX5qQ8ZlxPffdlsOtLhCWDU1lQWU5S6pWj7IR3JhMEyblXTL-4KRbrKI3VNHpSGIoTr54bIXWAWNmdSoNztO3hi874LoBnXsNEB2DP2s_gLfkVHigfTF8Gcw2sNHSj3PDleV0OnWXIivQGgg1Z9YNzHIUM6mJn5cioqy6SDWieDrkYKwN7pXJAMyNnmAJOG5ybBxrf5FisY-tSoph99JeAmQNIxCQxuSaiLVfGn8GkGn1PZ7jXGLj9Sru7sVKszW5oYSkH3kXXIzuEjs8C3ZAPV2Uo7UwQx0jszoeGvMR3qayEkx0Mhf26xJkbQHWax9ozwLKTcDIrpttD6G16Rd9-O-RcHdsFuTcvJnq3dlSSnMDshrkV7jUvoPT7d2rFGVlkBz2o6zucW7ZJ789fAAIpCDLsBzfVhhoY6Bpavyqdt
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 tag236648 Show response
ads.revjet.com/ Frame 285C 209 KB
32 KB 66ms
65ms Script
text/javascript 65.109.27.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236648?_plc_id=111757319&_key=1e6&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj68lD4gUZIXBH_qP7_UPkpG9qAn326u7bviOksXIEf_Ror3AARABIMqc9yNg6eTJhdgaoAG5rJCLKcgBCakCUPnr22nXsT6oAwGqBPQBT9CmJX1a5Q7IFDoVlxfk-KGRMcqaFHd8sLSI2-JCFKSlR6iPs4zzofkHOMFhNogM2lGJy-OA_gpJXxOUjiteFRr4Q92hYSyp6giB2SApG6Iq6WsJLz5umqdiAj5hk8gRpY--OIGLlmgjlcNt1C_TgWpY_2_vDW3kaEJa5fMZT_XWN9BJDsMNyQzDK8xw4vpWY06u7K4IjJBHSt4WHkhRKZU1fdFVYPLYxYp7RDOuHr0sZgJjxgzgOQi3DcT0a1pnoQiQpSm5T3xXM6YO2h7yIruDQ_t23e55xM7qh7XlsPr_XrfVsXjIdo6hIQ5g5sFkUilvZMAE9sb5nasE4AQDkAYBoAZNgAe55ODqA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8HlsxLQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDUE5ymXfA4JiwvWngqv_RQC0tMDCC-hjAlXzFGhWSd-SfY1tNKxHmBGAE%26sig%3DAOD64_3dGwyKS_6GdQcUtBM_DCEi3H-IQA%26client%3Dca-pub-7382640443023261%26dbm_c%3DAKAmf-Ai7PkWr7BjSa3cTuPHH8nIDrU3UeOER_QMSnt2mjcuIJNo5MfhJmlyRvUqf0PjHF2aGvVdmyW0k8Tml0QeACBQhXXIsRnu1peOuNQMDqAqN0dU6q7MWAQO2dbkHOdroWSJfvX48_l9Daf7PMgU6HIvJ39g242Z2FoXxsZbL5cdrdCSgAs%26cry%3D1%26dbm_d%3DAKAmf-Dz60Tz95feBqU71iLjTklGTaGM94YHqLmQ8HU58W_Ig8nBsiW_PHe5V8TFscelfVvX8b_cjRH8A5mDhBXCtCuLCHolzVd8K25bKUkqSIfKM2ePyDP77yQcDvTW81YP8StayeKeHgBNuZQ3kupKLZUQItxcMbwYX2yYB1PylQ0rrUBS02G5NvQuH0iXqkCW7GSlqB-6gk1nU1_RZbu9687lhF_dAXmGJiPjPiOeQSdpb8rwcmW0Wv93oFpgSchBLmEWoljxw_an_eMBSuEF0F9SBUioVIOE4TjSB86Qgg3Ar1SFGtHEuhpr7O7y3pV_yx2Cqehvqsdvznfhw9fnQhLCXZhlrK7uMjawAX7Z8RS0HAQmeg09eiGJRqL9vEjBeJvkxAH7eeFiyzgueDgWBLZzPrXKDuUWlN9DRTO1gvGgkXKW__1vrJneAxp2RMV2lkeHjWItgb6MuGAO5opbOU9kPkKipAQT-a6l83pe080dvjZOD54KfdC45SkrNs285HUNXN0X8wqJDBtu5BOXogbSL9fuHOzHEU4d5uUwOmEjvLi9ly1T23jFKSeKnx_u7gcWoUPfFy2bRhjCEHsMSaO7fiK6J_BKTWUVKQ58huj6KR8MA22y_ZVaDTA0E9nFqYOMnX_7%26adurl%3D&dv360_cmp_id=19568699440&dv360_li_id=1010458177&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Ff5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&_js_site_ref=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=73672d375deac85c7b6f_1679067153675&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fs.yimg.com%2Chttp%3A%2F%2Fwww.rinehartfarm.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1679067153699
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.27.133 Tuusula, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.27.109.65.clients.your-server.de
Software: nginx /
Resource Hash: cc4c5c3aaf85324fb340c27dec9ba238e684157be33b229b9789420c1b887829

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51853
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 tag236646 Show response
ads.revjet.com/ Frame D5AE 212 KB
33 KB 129ms
111ms Script
text/javascript 65.109.27.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236646?_plc_id=111757295&_key=e5d&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbXNnD4gUZM3fJMGXjuwPraCooAO0iLy8bqK4-JW6EfT1iNbEBhABIMqc9yNg6eTJhdgaoAG5rJCLKcgBCakCUPnr22nXsT6oAwGqBPgBT9AMAXxh4TlGuvWVaNyHtUuRQsh3k13Ushz7cJFENsQ_ooserYDyRiOcBF4LTwZNy6OnXO3pOP4ZGRuT8y0toRslovsk6-zyYA8MJFHtdOvXkikRktS8WDAXBl3JAH7RAlmE9Z14ys_DioGliE66M8kxqzignaKqm6-jpve-HtBAGTYDoY7RFAAIFSHg_4wzYmuh46jvj_VyWgRyj8pVc70jdzkoSkQX9l3s-uaGA8z3GLTZseul0OLK29dyms639pdjtHboUGCk6JLnv3i70tzzyyXy6KG7E6t24CtNmBi9SQDvBIWYDVCcm_rpzFfJClKT33lgjNHABJ-Z7aaeBOAEA5AGAaAGTYAHueTg6gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBAgAoDmAsByAsBgAwBsBPB5bMS0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQDUE5ymAmTmNiccnEDp2aYSTcT3FXffOJUJIzAgfWJUB9Umyd8oFXuOGAE%26sig%3DAOD64_2DBlRLrvypqYeOm_kH00o1bFxPzA%26client%3Dca-pub-7382640443023261%26dbm_c%3DAKAmf-BjG2oZb_zjZ-uV2meYUfAdhojvsa5gygVRxbnf-RcbwQqE0ykvM2SDPTHDEyWWMXJORGJLgUPnzZiFAGWw-wmsuvG8Rvqn3FhemU8ZGYdTLdfnly0ZpIRx1s8pJMNZjkBAflys2ZY0JEHjLGM7v9qgvrwGhH8xpND3In61E5uQrR3CNUE%26cry%3D1%26dbm_d%3DAKAmf-DNWSlIcVIcRXdhmWMicZW_yOP9IoyuMQ0GFgazBSZ0DgfRCjnuszmwbLqx91B-ArHTul8ylrqXSAj_KjC8x5a-bdyWeAH2rQ0F7ppIVtpaHHS94LxLhvYBWOfZFwIl-GD4c5OmlMgd78v_m_v5NECa3ArHbD0LBVfSa6L7QgETrw9BiP8K3h_G07SQcZLjNqRmX4lBpErNmTkD7UPND6wpgX3B59awv7sZjer080Z4OXVlOzS0NGD8fLrqH5upYDTgBECrmq20YHg33jpZ1pOr0F4l14oAiTancyUkuNfFKy7SQkjK9gUETNhzy1X6GqHlhQc4CsGyWZQTH9DeChnlIq00TOSOlDxwnZ-92o9u8-IQqXOlIxaDxUASi3DY3rC0ouGFSR364XSZnpnxMiNSqICU-HEV-WrNEwKxTjmItA3WztMKiNcgpzlpsK7U6pDoEJv7ZZIRCqjXa1JOGgV-S-XnlLpHBad7il9OP9V1sG8ks2LE1INdDCPsehW_zXAre_fYaf6pv5NpjsdWWSFCN2RBbUOgn_SCvzD-IVqCFwm-4IM78LB2oV8Czceih103lzMQmKwB5pmYVzd_zRdLoxAfEbBB0AnevIem4aKWtPsncVQ%26adurl%3D&dv360_cmp_id=19568699176&dv360_li_id=1010458177&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&_js_site_ref=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=73672d375deac85c7b6f_1679067153675&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fs.yimg.com%2Chttp%3A%2F%2Fwww.rinehartfarm.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1679067153726
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.27.133 Tuusula, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.27.109.65.clients.your-server.de
Software: nginx /
Resource Hash: edb49787e4cd98a3bc1b099b4cb6012cc691e1c251f842a5d643aac6e40cedb4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51853
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 tag236646 Show response
ads.revjet.com/ Frame 211A 212 KB
33 KB 79ms
65ms Script
text/javascript 65.109.27.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236646?_plc_id=111757295&_key=e5d&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbFlDD4gUZMabK5ah9u8PmKW-2Au0iLy8bqK4-JW6EfT1iNbEBhABIMqc9yNg6eTJhdgaoAG5rJCLKcgBCakCUPnr22nXsT6oAwGqBPgBT9ArnBAADf4ynfXQDv26swCIKz8Wbl0nOGD2_nKmXAm37QWPnB1j2DL6ZljyaA_LDQevCGT4xljOcBw8ihzFvSmr8x_DBTDHnZ_1rQBwx8H7gPBmsy0rZFJPk6K4TsQHeHS3th6MQnhO2QAYCiqzza6nkNwH_zaWbbIFNZPnWR-ycJ-o6CycTi6tDCdzj_XuHBdpVTJXj6Q7kf_pITTuGlgYgPxbRQqgKaOHdjapFUFu970l0JqWde3KBPoILYoTb5RvximLgoEcEJoSVWlb9uXfvIrk2VnrLhhyicN-BkdEjhXJqPpKtkwAKPcJH5XD8cqZy5-Vin3ABJ-Z7aaeBOAEA5AGAaAGTYAHueTg6gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBAgAoDmAsByAsBgAwBsBPB5bMS0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQDUE5ymHuoO-SplsPF8NscA88tN2xbFj0q7mSveDS-LxhTHz6feYz7ZGAE%26sig%3DAOD64_3O23UmWutWphFu1EbLH4pP5mSMmw%26client%3Dca-pub-7382640443023261%26dbm_c%3DAKAmf-AGFy5srMzAtuceOy5AD9hgaxcOQdUv3BkABxqlDnPgMUVouyHogWrJDOeln0_XtdFQFF1LvLRCViailrHq57Tc6lcdLi9WMgpkYrziQ3zmT8S3voO-bam7bCdvQYned6TKX8TsfgfhKiZ2MyCskGOnhR2yTMkXnxcKSyt_sscOH3WrC9o%26cry%3D1%26dbm_d%3DAKAmf-D0M1kT1i1b07hT1P5x6q5Sa9LGe2keFp_ycuE8O7HHdDOt7le4uQTfMa49qIsww5fgvpV5UwR80nuTH5MERVeSeGpCnvPRFRFWeWlQkick7i4clZyteFEK3x37tYaPCi_GjqdTyZUX9DRaWvDkie5YS5SbAgNvtp0mItdoYWzUnEw0TR72mmXgwTqKoO3A0_jHzfMcwjExPLrh94WUR5T4okla3cCsnT9mCP6A7HWxj0swCs1i8nfqYhQsVxkwuUyMAgwhQUWkF4DRFe9w1BRu_7ZwyC_KsKV_CyfYlNCrDLcXnW_jryhm8Xl6pepfHvGlbtziCRcRAfKzgDcv6M6pPC8laBR9cORQ3H-9atQAsebqhzLgl3ZJmu7N_tqCo_CSbpM1flMnXWFzZTPpa6TB_eeMmoylYQKe7gRnigPwDU7vPO6lJ4V4oullewvaZQWa6sKkjKdurhBo9faffRJk66qys4V_GRVvGbfrkN7tD2vpCansp-r4GS1xRd0AulDMQMHgZXerEnAdRr-2_vqQzyYVGdPuE5StqPRE0y_9q9cGlxKuRN9f_rqc8uBZM5dh7Aspwqv1y8W_-xzxLyhwKqbpwsEUwQNH_fTRUZ8HaDp5gsU%26adurl%3D&dv360_cmp_id=19568699176&dv360_li_id=1010458177&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fda01d550c5d48615848150885a12d039.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&_js_site_ref=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fhtml%2Fr-sf.html&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=73672d375deac85c7b6f_1679067153675&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fs.yimg.com%2Chttp%3A%2F%2Fwww.rinehartfarm.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1679067153731
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.27.133 Tuusula, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.27.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 7cac8328e6f80b080b5a617d7f0c0bd939938cb1af9ac6b41a3e364ad791b476

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:33 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51612
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame CBFD 165 KB
49 KB 161ms
63ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: 960b3610786dfefa02d7f8dffe22268d0f4553c5d5f0a390ea9a31263c7aa0b3

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Origin: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 06:20:03 GMT
server: ECS (wmi/FF12)
age: 523
etag: "64097a93-293b5+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 49763
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame CBFD 43 B
278 B 190ms
60ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=5188da93631daa6aa5b68892bed168c7&__adt=8240602929706784935&__ade=1&vid=5067789859707651387
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame CBFD 33 KB
33 KB 40ms
33ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE91) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 1719
x-amz-request-id: NJSB90K4SYEN0B33
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: F71kmqtgipnvcj5o4hsj479U6qpqr/L1HoBdgNn6jgbmNV002TSmYjmLmXRWtEVkHShjWQLZCi8=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (wmi/FE91)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame CBFD 56 KB
15 KB 39ms
31ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (wmi/FE8B)
age: 379
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame CBFD 3 KB
2 KB 46ms
39ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1753
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame CBFD 632 B
626 B 54ms
48ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1149
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2

200

B29251386.357500449;dc_pre=CMq5msqk4_0CFe6Kgwcd9RsBfw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153735
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame CBFD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16790671...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CMq5msqk4_0CFe6Kgwcd9RsBfw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

109ms
61ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CMq5msqk4_0CFe6Kgwcd9RsBfw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153735

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500449;dc_pre=CMq5msqk4_0CFe6Kgwcd9RsBfw;dc_trk_aid=548435070;dc_trk_cid=185424926;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153735
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame CBFD 43 B
277 B 173ms
68ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=5188da93631daa6aa5b68892bed168c7&__adt=8240602929706784935&__ade=1&vid=5067789859707651387
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame CBFD 34 KB
34 KB 84ms
29ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Origin: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 36
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E408 165 KB
49 KB 82ms
66ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: 960b3610786dfefa02d7f8dffe22268d0f4553c5d5f0a390ea9a31263c7aa0b3

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Origin: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 06:20:03 GMT
server: ECS (wmi/FF12)
age: 523
etag: "64097a93-293b5+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 49763
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame E408 43 B
276 B 113ms
64ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=54f0aa204147b7bdc32bcda23bcdaeef&__adt=8240603734949663392&__ade=1&vid=5065670001289299298
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 Hero-Images_(3)_optimized.jpg
cdn.revjet.com/s3/csp/1671561686140/ Frame E408 16 KB
16 KB 32ms
30ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671561686140/Hero-Images_(3)_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8F) /
Resource Hash: 77c5cdbc83b0855ebaf60ef5c11294bd48264fe71b7d8cf2a691c280d3babb97

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
x-amz-version-id: 15hNKG4X6cxQlccGhxgsDtcMV_FNuJvm
age: 1818
x-amz-request-id: G50W903WB9P1KP8Q
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 16381
x-amz-id-2: kpWaNX/uBkmA+vjEyoXwZ78PWus8VD1ZcFR084TyF2gM7qN2oBlj5xJ8h3m9C2K+RHh1HfQIi+A=
last-modified: Tue, 20 Dec 2022 18:41:27 GMT
server: ECS (wmi/FE8F)
etag: "27c89caa7a8c1e2f9e1c222c49d2e484"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E408 56 KB
15 KB 31ms
29ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (wmi/FE8B)
age: 379
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame E408 3 KB
2 KB 34ms
32ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1753
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame E408 632 B
505 B 33ms
31ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1149
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame E408 43 B
276 B 57ms
56ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=54f0aa204147b7bdc32bcda23bcdaeef&__adt=8240603734949663392&__ade=1&vid=5065670001289299298
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2

200

B29251386.357500440;dc_pre=CP2Hncqk4_0CFWaFgwcduwQO5A;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153771
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame E408
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16790671...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CP2Hncqk4_0CFWaFgwcduwQO5A;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_chil...

42 B
107 B

76ms
74ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CP2Hncqk4_0CFWaFgwcduwQO5A;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153771

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CP2Hncqk4_0CFWaFgwcduwQO5A;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153771
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 6B7C 165 KB
49 KB 41ms
38ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: 960b3610786dfefa02d7f8dffe22268d0f4553c5d5f0a390ea9a31263c7aa0b3

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Origin: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 06:20:03 GMT
server: ECS (wmi/FF12)
age: 523
etag: "64097a93-293b5+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 49763
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 6B7C 43 B
169 B 64ms
62ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=81b87738199c6bbafe20435e8a36fec7&__adt=8240604030584579854&__ade=1&vid=5067789859707651433
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 Hero-Images_(3)_optimized.jpg
cdn.revjet.com/s3/csp/1671561686140/ Frame 6B7C 16 KB
16 KB 40ms
27ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671561686140/Hero-Images_(3)_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8F) /
Resource Hash: 77c5cdbc83b0855ebaf60ef5c11294bd48264fe71b7d8cf2a691c280d3babb97

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
x-amz-version-id: 15hNKG4X6cxQlccGhxgsDtcMV_FNuJvm
age: 1818
x-amz-request-id: G50W903WB9P1KP8Q
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 16381
x-amz-id-2: kpWaNX/uBkmA+vjEyoXwZ78PWus8VD1ZcFR084TyF2gM7qN2oBlj5xJ8h3m9C2K+RHh1HfQIi+A=
last-modified: Tue, 20 Dec 2022 18:41:27 GMT
server: ECS (wmi/FE8F)
etag: "27c89caa7a8c1e2f9e1c222c49d2e484"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 6B7C 56 KB
15 KB 38ms
24ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (wmi/FE8B)
age: 379
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 6B7C 3 KB
2 KB 43ms
28ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1753
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 6B7C 632 B
505 B 44ms
29ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1149
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 6B7C 43 B
277 B 76ms
62ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=81b87738199c6bbafe20435e8a36fec7&__adt=8240604030584579854&__ade=1&vid=5067789859707651433
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3

200

B29251386.357500440;dc_pre=CPK6oMqk4_0CFdMi4AodF-MJSg;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153780
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 6B7C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16790671...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CPK6oMqk4_0CFdMi4AodF-MJSg;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_chil...

42 B
63 B

109ms
101ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CPK6oMqk4_0CFdMi4AodF-MJSg;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153780

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29251386.357500440;dc_pre=CPK6oMqk4_0CFdMi4AodF-MJSg;dc_trk_aid=548515291;dc_trk_cid=185781942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1679067153780
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Hero-Images_(3)_optimized.jpg
cdn.revjet.com/s3/csp/1671561686140/ Frame E408 16 KB
16 KB 48ms
31ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671561686140/Hero-Images_(3)_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8F) /
Resource Hash: 77c5cdbc83b0855ebaf60ef5c11294bd48264fe71b7d8cf2a691c280d3babb97

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
x-amz-version-id: 15hNKG4X6cxQlccGhxgsDtcMV_FNuJvm
age: 1818
x-amz-request-id: G50W903WB9P1KP8Q
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 16381
x-amz-id-2: kpWaNX/uBkmA+vjEyoXwZ78PWus8VD1ZcFR084TyF2gM7qN2oBlj5xJ8h3m9C2K+RHh1HfQIi+A=
last-modified: Tue, 20 Dec 2022 18:41:27 GMT
server: ECS (wmi/FE8F)
etag: "27c89caa7a8c1e2f9e1c222c49d2e484"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame E408 34 KB
34 KB 40ms
30ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Origin: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 36
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7C7 0
20 B 91ms
90ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfXHKEIgUZOrQJpGSjuwP4I6UwAkAAAAAOAHgBAI&bg=!2Nul24_NAAZEjmHWZI47ADkAdvg8WvlR6w1PpUkpaHhDTyILRrUqNTO8FzPlP2XLPldgUuOmQ-G1S7YnCJGET-HEigrwVcz3hkgCAAACL1IAAAAEaAEHCgAKWF8MR_Ypx6kp55kDDBadAKlRfYMjSJIU8PkpHneSa0bf4HSi8cLIP7Xs7P5KhQaIUkjA6P_tLoNIFnekr26cD_DmtBZasMf6TQNjbQolnpAluZuzL-qdjZnMqVPOZSJmnYG3I4obs8-bk-vl26rTx2SliHCjDJ6TnwdUbP-n1VpLFFfDlxUgiwA9dky4RE41K8F4oKlueJKXQx64w1GXGKbrIy5sWzGSWh2Kr93J7o7q2yoMx2wT5VNaJN9bzn0TAYeEMB2efQKiaBpjk2aEvCt6yQSy7mvlkNKVCVuSOb4JS6mlvjmaWOMTEGSxgFo0uTj9Mg1fqOYy2p5yIKfENM-VTF3twqPxF6tBKCh3P2kGUza6tZ_BDVJIs7h89GzJfW4f2jsgZoxqK7Qoe289eStmkBtCjlFzLMwNtdiBiroxOL5WQCNEaI58D3Iv5rYHUw8ryiXao5vI2-6HyR6WPAeKtWUYarRH7xfpeFObltTk1cetQ1IoqZmKI-_S1P1x6SNKn-MGVc9fR3fPNNmpIs0_k7YRY_2YPheMgRgqz6S2JMouX__M_Xvdr0SN6oa5cwYf53NthRGYZXnMtFoD2PmxqZuiwzm3NDqjKuzXtKybEtxc1WilMFsLKCmo5zAQ1gU0DHOhLbaI2fgE9tW3-1C9gX6f-Lt-uICDeZOZPAFk6sX0Eb8DgQoYLG4Y0RxdVkxsmwXs74I5e1bGptncOxAUhFF6wb94EBpvIwzO7OGFksJ8-vYIeFXqgAjvVFXB0H6qv9DZYCKHZiwlhW_lXDLDj3WzC7LX3FbdcDw-Cl2nb-YiWGQ0BMvw9VUk50iY7JwGbwbHTbNz7Z5y7__9LJ3ySG4Vc3ZNuD4TMjq0YCgL5EN0bfRoPqmY9nLeb_9wleXHMOT00s_F7MzRv680RUitobl7LLixZF4Lp8TL2olfzr0v6Ky4bqCfvY-B4rxb4AolPkaem2XgSnkoppfal6fF2N65Teyyn46QAQMHuM2_rLE_Qr1YtOm44Ys3uRFgIOaVoe1FF0cGfAGlCxkPWcf665okOkI6KQ

Requested by

Host: 5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
URL: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Hero-Images_(3)_optimized.jpg
cdn.revjet.com/s3/csp/1671561686140/ Frame 6B7C 16 KB
16 KB 39ms
30ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671561686140/Hero-Images_(3)_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8F) /
Resource Hash: 77c5cdbc83b0855ebaf60ef5c11294bd48264fe71b7d8cf2a691c280d3babb97

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
x-amz-version-id: 15hNKG4X6cxQlccGhxgsDtcMV_FNuJvm
age: 1818
x-amz-request-id: G50W903WB9P1KP8Q
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 16381
x-amz-id-2: kpWaNX/uBkmA+vjEyoXwZ78PWus8VD1ZcFR084TyF2gM7qN2oBlj5xJ8h3m9C2K+RHh1HfQIi+A=
last-modified: Tue, 20 Dec 2022 18:41:27 GMT
server: ECS (wmi/FE8F)
etag: "27c89caa7a8c1e2f9e1c222c49d2e484"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6B7C 34 KB
34 KB 33ms
32ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Origin: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 36
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame CBFD 34 KB
34 KB 34ms
33ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Origin: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 36
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame CBFD 34 KB
34 KB 37ms
36ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Origin: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (wmi/FE8D)
age: 552
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame CBFD 632 B
505 B 46ms
43ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1149
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame CBFD 3 KB
2 KB 47ms
45ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1753
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame CBFD 286 B
460 B 35ms
34ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 1781
x-amz-request-id: WJMRQCRA68QMCR92
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: xKn3T2XfVL78ytk5irMTeTAS4WRBAmkd+vNREC2AehrXOayBAn4OkLWlZ8lPtzgNDY+S+Yw/Ntc=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (wmi/FE8C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame CBFD 36 KB
36 KB 39ms
39ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
Origin: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE87)
age: 26
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame E408 3 KB
2 KB 169ms
6ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1753
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66BB 0
20 B 254ms
152ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH2prEIgUZMS7I92I9u8PidqxkAkAAAAAOAHgBAI&bg=!MDOlM2fNAAZEjmHWZI47ADkAdvg8WtJGq8GOldjWwK3WbrBCgARvH7995uca4XlLAozGo6Vcff4Ej3ctvZVJsnl9DooulWDbGHQCAAADK1IAAAADaAEHCgBs6j9wNPVW6_2c4TE8C4Y9BYDYG6MxEZlZ2_EhgH7g-bUFNtcJZJ8WdXGlsyTEcTflJ-Zvxd9FaHtl3L7qpA-5djsTup9HZObA5axZjeGttVjEzIzINZK89DlMDQbmiYn03vobo6vgFTFHzeC2mQMJBVq0hv66y7uI5vGS1oUlI-AbCE_pXRDCJ9Hs7bqv5W6NEiA_qLPgZzkTJwddv0SDIN0j7hX5LJzMdp52ClhNPb-TMcOkZqE6hwVCGWK2hxM_szxzBio9VSZ-pInDgSK6tFvLJU3qYnnEx_3pCWH-HXjw0EIyNU6OvqajG-IR5MajxEBne6bV0SlrHr1_F43BLDv7kiVLEx7PNMdyfrTC_pOvRul_pzsuBvGa96jTznI54dXtomdiG2OQqXJaU3QrRi9of0vRpIw8ma-BOlCZDgJaZN9XrJB2tnNynz9haNUpEVf9d6xThyseUjDjEFTcFvE3apdYQUrAUm2uw7CQfSZms13ea-vaLDFPHQkeCdz8OlxZmu4UuQEIGH0h9jZsjqN7e7Z9dLXurJ3syz4AjTWMBard_VmzqYX06C_05F7LrEsL2IlePeKYpHDRA3b6JXiYhj17ZLuwhiEfHtK-ZO1qWK4LyQkNfujWNA2KlMWvW7II9URk7O_tI7ztiHVjMJRA1CKDMChaJTE1jZUVbI3hXhnnvSDPF4zD84OASZgP4krcZynQ4fMhHBVcZnuoZfxKG19rFPANw2-QpMHpidX_s8IJWLphJhr_w7cCHb7q0C_wpiJkc8D9VmP4YvFXG53BPE50wH--irrxNEqZu6pN75RlyxuzDw0yxmxrJ_PjYsBd9erT0qPrpUZbx_irzv2LZFUK3rBJ2JmCIaErJOfaahLwkLiuXiHRVBJXNLRkVKqCJK4lmFHt9-1vNpPPUt--J45fUcWe-yNVLRapRX6YFTdtiy0KURvYvJTdq8qRAzKEOIm63vrK4WkUDjwRjfVi7vixyOJSHn-8dX0CrjF2Hhukg0fZDriCe487V9RlqhmkgnoP35AIvT9mvNHVYa8oqyjBhZWSJEzpt79fUrYXlmyETrNIU4YMIs3MW9xMGEFgoHD141IlptGnXFfGkgmXNxnlwuK2kYy53g48nN93wwFFSmLQ-wH3THUYIUcA2Q59nOiNgokFuQ29jFAd5WPaexuWg9sm

Requested by

Host: f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
URL: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame E408 34 KB
34 KB 182ms
37ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Origin: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 36
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame E408 286 B
315 B 180ms
0ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 1781
x-amz-request-id: WJMRQCRA68QMCR92
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: xKn3T2XfVL78ytk5irMTeTAS4WRBAmkd+vNREC2AehrXOayBAn4OkLWlZ8lPtzgNDY+S+Yw/Ntc=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (wmi/FE8C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame E408 34 KB
34 KB 159ms
38ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Origin: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (wmi/FE8D)
age: 552
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame E408 632 B
505 B 157ms
0ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1149
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame E408 36 KB
36 KB 211ms
97ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
Origin: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE87)
age: 26
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B4E 0
20 B 218ms
150ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE199EIgUZJnzJ7O8x_AP_vK6SAAAAAA4AeAEAg&bg=!i4iliNzNAAZEjmHWZI47ADkAdvg8Wo2VW0wXF9MEPqdYmIRdCc8PlcsY_uHDTbSzQZHYinmXsBn576d95os57kkPUHjsYzv53FACAAAC3lIAAAAHaAEHmQMEB99ZEcajEaRuGOb93_q_X1zAX0zYrj_-kSv1tkVQGUhtuvbO6gxGPnk83LuZ-bsAVNhiPTn36iWGyKfG_w9CRsgjOny9QzHRKx55ENZ9DvEc0FIPW4PJQJx0mrR9Njo2NMI3DCFiDWS3k1ca6tc-YKujlB5l9py7DvRe4HqeItl76ig35Il15GlnNGbI9pG4NhZ8JcIZfReA_X8I2VHX0yvRnNoOGsZzhVoa_3LhG9XkIN-ZRGhsxbdB_uV3N-XoNpm9FumSHpAassg82utY_Zav6oVswYXbMt0XIZGIBoDa6Y3Sm-QVhmhpBIlaE0EHHRtRVn2pOdrrDzvMtK6kTg2OB9tegnVj0C3KtCW0Lmjr51umHoXrTuy_eExic66nlmVtwunFmL5WLo4BUQ_9nz7rx1ts1fm-Nr_vaEc0pRot7OJ5BSMiXtGGrtue7araDNtYBWwdVOIY0KAurz1Mziie42ZBDhV8l3MYBg2nN2uW3Clp42CF3z369NL1FFr-ZNqsusqPvnQ9GKIfkTW6teUQ_6hEKu9WblxMbch8ibw6dHpIvO6hJdwYpONSiy0Mwk1KSNft7smn3A5PWhb0y_lrp_Fygh8HZRqBVC7rT1s2TjpmABp5CY6hfqI8skqZtKjKKxRb7dLccT7iMjorkCgMzxo-faG1x5dAdSgeXFsPwK5xC8hkU4IdjLRfaan5udoW_45hPkzedvuro61XAHp1YVc6nHoYsBZnf6ek5OaziAilmzG6Khzhf0_LLY9vstlnlIg_iMQi4yr1bp8Ysgq-DPDeyWhdgAlYU6QBsvx7FwsRhmuuC8UcgZqA9PRgWcMY4sFEhcYV1Lt6HQQDfytJCGXP-IVMC1jinBxft2sBQyo21N8Rm1zqcJvAC8ANezOdtZn0jw39WUZj9ltMF0qYzhQg0K0Dk1F9o7Rf5rnFGfGRA_0NEmeYp24gQ5FaON91-1EjoqzrbnosntEixtVitwkqx43WyhpLkPwGp3LBrJPbz8OALKNc_BtnY5o5pL4dzQ

Requested by

Host: da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
URL: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 6B7C 3 KB
2 KB 122ms
20ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FF12) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 1753
x-amz-request-id: E7FZG9VPWXGJQKS6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: NwXFcGH0RgxFX11PdrazFpgjU//y/AhRoqMcLbtXecubvhMVHIWMvTnPykQdS81F1uk5LetUQmY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FF12)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6B7C 34 KB
34 KB 110ms
22ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE88) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Origin: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE88)
age: 36
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 6B7C 286 B
315 B 108ms
21ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 1781
x-amz-request-id: WJMRQCRA68QMCR92
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: xKn3T2XfVL78ytk5irMTeTAS4WRBAmkd+vNREC2AehrXOayBAn4OkLWlZ8lPtzgNDY+S+Yw/Ntc=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (wmi/FE8C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame 6B7C 34 KB
34 KB 109ms
23ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE8D) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Origin: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (wmi/FE8D)
age: 552
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 6B7C 632 B
505 B 106ms
20ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1149
x-amz-request-id: MTGTBZCQF5JKH89S
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: uBi1RMvLks1y4DKNY0LSD9Q11NRgzuSFVmNR7cCYJgH5e91p/M5cNwDoeLxiQP//PEfJO49fmVs=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (wmi/FE87)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 17 Mar 2023 16:32:34 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6B7C 36 KB
36 KB 103ms
24ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (wmi/FE87) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
Origin: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (wmi/FE87)
age: 26
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Fri, 17 Mar 2023 15:42:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 92E1 15 KB
11 KB 127ms
94ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

758cbaa99915bbbac51cb83dcf962a873d6f40c7f734b7ec3e4f299c3f2f7641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11317
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7FF6 15 KB
11 KB 105ms
102ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ec99d2693b31685b15478b27d24b802ad42f1efc85c56bd24c8b72f93e9a885c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11402
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 92E1 17 KB
6 KB 76ms
74ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js?cb=31073178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:32:35 GMT

GET
H/1.1 200
OK p
geo.yahoo.com/ 43 B
618 B 76ms
76ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1183310220&pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=137%2C-1%2C-1%2C-1%2C-1%2C-1%2C-1%2C140%2C3484&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=6%2C11101985%2CLDRB2%2C728x90%2C999999%2C999999%2C999999%2C0%2C0%2C6110%2C7%2C-1%2C26888736%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALDRB2%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C6%2C1%2C6%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttp%253A%2F%2Fwww.rinehartfarm.com%2C%2C7%2C2%2C3%2C0%2C0%2C-1%2C0%2C-1%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22LDRB2%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fpvsid%3D2993873594767416%26correlator%3D1455580222191215%26eid%3D31072029%252C31072879%252C31073178%252C31073204%26output%3Dldjh%26gdfp_req%3D1%26vrg%3D2023031501%26ptt%3D17%26impl%3Dfif%26gdpr_consent%3Dtcunavailable%26gdpr%3D0%26tcfe%3D3%26iu_parts%3D121124594%252Cad-exchange-gpt%252Cyahoo-nonmail%26enc_prev_ius%3D%252F0%252F1%252F2%26prev_iu_szs%3D728x90%26ifi%3D1%26adks%3D2919979242%26sfv%3D1-0-40%26prev_scp%3DADPOSITION%253DLDRB2%2526SITEID%253D222418%26eri%3D4%26sc%3D1%26cdm%3Ds.yimg.com%26abxe%3D1%26dt%3D1679067151464%26dlt%3D1679067148884%26idt%3D2323%26adxs%3D0%26adys%3D14%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26scr_x%3D-12245933%26scr_y%3D-12245933%26ucis%3Dddljli89pq5w%26oid%3D2%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26bc%3D23%26nvt%3D1%26nhd%3D1%26url%3Dhttps%253A%252F%252Ffinance.yahoo.com%252Fnews%252Fchinese-bitcoin-mining-company-delivers-084958533.html%26loc%3Dhttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-10-1%252Fhtml%252Fr-sf.html%26top%3Dwww.rinehartfarm.com%26frm%3D24%26vis%3D1%26psz%3D728x0%26msz%3D728x0%26fws%3D256%26ohw%3D0%26ea%3D0%26ga_vid%3D1425467741.1679067151%26ga_sid%3D1679067151%26ga_hid%3D1154060573%26ga_fc%3Dfalse%22%2C%22dur%22%3A341%2C%22st%22%3A2815%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLDRB2%7C562354421%26brxdSiteId%3D4451051%26yadpos%3DLDRB2%26pos%3Dipemeafinanceldrb2%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D728%26ht%3D90%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A340%2C%22st%22%3A1054%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A149%2C%22st%22%3A1673%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fcdn.js7k.com%2Fix%2Ftalon-1.0.40.js%22%2C%22dur%22%3A141%2C%22st%22%3A1674%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2023031501.js%3Fcb%3D31073178%22%2C%22dur%22%3A103%2C%22st%22%3A2005%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%5D%7D&t=1679067154991
Requested by: Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/
Protocol: HTTP/1.1
Server: 188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-brb71.prod.media.vip.ir2.yahoo.com
Software: ATS /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:35 GMT
server: ATS
Age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
Connection: keep-alive
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B99E 15 KB
11 KB 96ms
96ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d38366fd515d06caf14f099ecafb648a1ba56f2a01d2d48f76e7367aeb0330ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FF6 17 KB
6 KB 71ms
63ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073179

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:32:35 GMT

GET
H2 200 opus-frame.html Show response
opus.analytics.yahoo.com/tag/ Frame 995C 10 KB
4 KB 149ms
31ms Document
text/html 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (wmi/FE97) /

Resource Hash

e65f88b906309e0531ef61775a5f45f2f8c152a0121840707ef109a44b9d24e3

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 165121
content-encoding: gzip
content-length: 3645
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Fri, 17 Mar 2023 15:32:35 GMT
etag: "a26f3818e8e781b7435cd7881cf5a29b+gzip"
last-modified: Wed, 15 Mar 2023 17:39:08 GMT
server: ECAcc (wmi/FE97)
vary: Accept-Encoding
x-amz-id-2: LJscXBdZdoEWiCn4jceqgSg+AaKvJGxt0koE+me19G2fV1UEITPY9ytZKsfT/6Xziay2fnTmfDE=
x-amz-request-id: Q9E880KA8TC6JKKM
x-cache: HIT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFB5 13 KB
5 KB 51ms
46ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E56C 783 B
534 B 63ms
63ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

df2f8de5e57fd499e924a697686bb07344d801814564f815c8b35645aff6ad7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_74Bsgy2C-dFrCNKhUoxig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-_74Bsgy2C-dFrCNKhUoxig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:35 GMT
expires: Fri, 17 Mar 2023 15:32:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B99E 17 KB
6 KB 61ms
60ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:32:35 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 51ms
50ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=0&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=8100&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=5214&cn=1311&gn=1&gk=5214&gl=1311&ik=5214&ic=5214&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5082&cd=1205&ah=5082&am=1205&rf=0&re=1&wb=2&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1133103788&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD85 13 KB
5 KB 45ms
43ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A213 783 B
535 B 54ms
53ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

daf96d13390cdcbd105d61803117076ec7980917a875f5235381ced9bf522fa3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j9eDr2Vvd3K-dO7pKRix2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-j9eDr2Vvd3K-dO7pKRix2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:35 GMT
expires: Fri, 17 Mar 2023 15:32:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 055F 13 KB
5 KB 105ms
55ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 9825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 12:48:51 GMT
expires: Sat, 16 Mar 2024 12:48:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 62EC 783 B
535 B 134ms
87ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

93a1b967e0fda822e378c6fed930f173bdbd782fef7448a73f366183dbc30267

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YxiTzrkeBqf6oGJxvohAUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-YxiTzrkeBqf6oGJxvohAUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 15:32:36 GMT
expires: Fri, 17 Mar 2023 15:32:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 170ms
160ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=1&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=8408&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=5522&cn=5214&gn=1&gk=5522&gl=5214&ik=5522&ic=5522&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5423&cd=5082&ah=5423&am=5082&rf=0&re=1&wb=2&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1305266113&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:35 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame EFB5 36 KB
14 KB 44ms
44ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame FD85 36 KB
14 KB 44ms
43ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H/1.1 200
OK p
geo.yahoo.com/ 43 B
618 B 71ms
71ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1183310220&pvid=Cd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=137%2C-1%2C-1%2C-1%2C-1%2C-1%2C-1%2C140%2C3484&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=6%2C11101812%2CLREC3%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C6357%2C7%2C-1%2C26888710%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALREC3%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C7%2C1%2C7%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttp%253A%2F%2Fwww.rinehartfarm.com%2C%2C7%2C2%2C3%2C0%2C0%2C-1%2C0%2C-1%2C-1%2C-1%2C-1%2C-1%3B6%2C11101914%2CLREC4%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C6258%2C7%2C-1%2C26888711%2C-1%2C2%2CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%3A-1%3ALREC4%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C7%2C1%2C7%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttp%253A%2F%2Fwww.rinehartfarm.com%2C%2C7%2C2%2C3%2C0%2C0%2C-1%2C0%2C-1%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22LREC3%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fpvsid%3D1553720110423206%26correlator%3D3950784706420798%26eid%3D31072020%252C31073112%252C31073196%252C44769662%26output%3Dldjh%26gdfp_req%3D1%26vrg%3D2023031301%26ptt%3D17%26impl%3Dfif%26gdpr_consent%3Dtcunavailable%26gdpr%3D0%26tcfe%3D3%26iu_parts%3D121124594%252Cad-exchange-gpt%252Cyahoo-nonmail%26enc_prev_ius%3D%252F0%252F1%252F2%26prev_iu_szs%3D300x250%26ifi%3D1%26adks%3D3343594225%26sfv%3D1-0-40%26prev_scp%3DADPOSITION%253DLREC3%2526SITEID%253D222418%26eri%3D4%26sc%3D1%26cdm%3Ds.yimg.com%26abxe%3D1%26dt%3D1679067151528%26dlt%3D1679067148896%26idt%3D2401%26adxs%3D0%26adys%3D14%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26scr_x%3D-12245933%26scr_y%3D-12245933%26ucis%3D7q5brl7dd5j6%26oid%3D2%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26bc%3D23%26nvt%3D1%26nhd%3D1%26url%3Dhttps%253A%252F%252Ffinance.yahoo.com%252Fnews%252Fchinese-bitcoin-mining-company-delivers-084958533.html%26loc%3Dhttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-10-1%252Fhtml%252Fr-sf.html%26top%3Dwww.rinehartfarm.com%26frm%3D24%26vis%3D1%26psz%3D300x0%26msz%3D300x0%26fws%3D256%26ohw%3D0%26ea%3D0%26ga_vid%3D641671137.1679067152%26ga_sid%3D1679067152%26ga_hid%3D1217700078%26ga_fc%3Dfalse%22%2C%22dur%22%3A318%2C%22st%22%3A2862%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLREC3%7C562354430%26brxdSiteId%3D4451051%26yadpos%3DLREC3%26pos%3Dipemeafinancelrec3%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D300%26ht%3D250%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A290%2C%22st%22%3A1122%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fjs%2Fsfext-min.js%22%2C%22dur%22%3A142%2C%22st%22%3A277%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2023031301.js%22%2C%22dur%22%3A132%2C%22st%22%3A1994%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A115%2C%22st%22%3A1686%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%5D%2C%22LREC4%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fweb-oao.ssp.yahoo.com%2Fadmax%2FadServe.do%3FbrxdSectionId%3D96306051%26brxdPublisherId%3D20459933223%26ypubblob%3Dlmsid%3Aa0V0W00000HOchMUAT%3Brevsp%3Acoindesk_75%3Blpstaid%3A58cd28cb-d225-3f64-a522-31500d475d2c%3Blu%3A0%3Bpct%3Astory%3Bpt%3Acontent%3Bsite%3Afinance%3Bver%3Aarticle%3Bpd%3Anon_modal%7CCd9QbTEwLjIkOLpXOFyA61l0MmEwMAAAAADsPPDc%7C1183310220%7CLREC4%7C562354434%26brxdSiteId%3D4451051%26yadpos%3DLREC4%26pos%3Dipemeafinancelrec4%26ybkt%3D_BUCKETID_%26us_privacy%3D%26gdpr%3D0%26euconsent%3D%26gpp%3D%26gpp_sid%3D%26wd%3D300%26ht%3D250%26of%3Djs%26csrtype%3D3%26req(url)%3Dhttps%3A%2F%2Ffinance.yahoo.com%2Fnews%2Fchinese-bitcoin-mining-company-delivers-084958533.html%22%2C%22dur%22%3A331%2C%22st%22%3A1066%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fpvsid%3D1153669148437824%26correlator%3D2764003610827239%26eid%3D31072879%252C31073179%252C31071975%26output%3Dldjh%26gdfp_req%3D1%26vrg%3D2023031601%26ptt%3D17%26impl%3Dfif%26gdpr_consent%3Dtcunavailable%26gdpr%3D0%26tcfe%3D3%26iu_parts%3D121124594%252Cad-exchange-gpt%252Cyahoo-nonmail%26enc_prev_ius%3D%252F0%252F1%252F2%26prev_iu_szs%3D300x250%26ifi%3D1%26adks%3D4093080913%26sfv%3D1-0-40%26prev_scp%3DADPOSITION%253DLREC4%2526SITEID%253D222418%26eri%3D4%26sc%3D1%26cdm%3Ds.yimg.com%26abxe%3D1%26dt%3D1679067151638%26dlt%3D1679067148907%26idt%3D2442%26adxs%3D0%26adys%3D14%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26scr_x%3D-12245933%26scr_y%3D-12245933%26ucis%3Dgv91off7u8yg%26oid%3D2%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26bc%3D23%26nvt%3D1%26nhd%3D1%26url%3Dhttps%253A%252F%252Ffinance.yahoo.com%252Fnews%252Fchinese-bitcoin-mining-company-delivers-084958533.html%26loc%3Dhttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-10-1%252Fhtml%252Fr-sf.html%26top%3Dwww.rinehartfarm.com%26frm%3D24%26vis%3D1%26psz%3D300x0%26msz%3D300x0%26fws%3D256%26ohw%3D0%26ea%3D0%26ga_vid%3D256918436.1679067152%26ga_sid%3D1679067152%26ga_hid%3D1399063763%26ga_fc%3Dfalse%22%2C%22dur%22%3A273%2C%22st%22%3A2957%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fgeo.moatads.com%2Fn.js%3Fe%3D35%26qn%3D%25604%257BZEYwoqI%2524%255BK%252BdLLU)%252CMm~tM!90vv9L%2524%252FoDb%252Fz(lKm3GFlNUU%252Cu%255Bh_GcS%2525%255BHvLU%255B4(K%252B%257BgeFWl_%253DNqUXR%253A%253D%252BAxMn%253Ch%252CyenA8p%252FHm%2524%2560%25233P(ry5*ZRocMp1tq%255BN%257Bq%2560RP%253CG.ceFW%257CoG%2522mxT%253Bwv%2540V374BKm55%253D%25261fp%255BoU5t(K3%252BI%2524%253D!!t%2522lAk.JGfxECSR23_hFAkD%253Dv%253CN%255B.%2522%2524b_o%253FtVD%255D%255BpN%257CQF%2540Sy7%257B%252CNr1U*%2526ujMUU9%253C%2524kBjqI%26th%3D1219999633%26tf%3DnMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-%26vi%3D111111%26rc%3D1%252C1%252C0%252C3%252CChrome%2520PDF%2520Plugin*Chrome%2520PDF%2520Viewer*Native%2520Client%252C1%252C4%252C0%252Cprobably%252Cprobably%26os%3D%26qp%3D10000%26is%3DBBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB%26iv%3D8%26qt%3D0%26gz%3D0%26hh%3D0%26hn%3D0%26tw%3D%26qc%3D0%26qd%3D0%26qf%3D300%26qe%3D250%26qh%3D1600%26qg%3D1200%26qm%3D0%26qa%3D1600%26qb%3D1200%26qi%3D1600%26qj%3D1200%26to%3D000%26po%3D1-0020002000002120%26vy%3Dot%2524b%255Bh%2540%2522oD~T_Gr1%253E%253AB%2540NVt7%253BY%253EhyMmxNXJZPV8t6%253D%253Dh_GW3r4Aj!L%253E%252BbK0pH%2523H%26ql%3D%253B%255BpwxnRd%257Dt%253Aal9EU%2522y%252F.D%255B5%252F%255BGI%253Fi6%255EB61%252F%253DSqcMr1%257B%252CTu9LJJ(a.P%252B)s1(uA%26qo%3D0%26qr%3D0%26i%3DADTECHBRANDS1%26hp%3D1%26vb%3D-1%26cm%3D1%26kq%3D1%26hq%3D0%26hs%3D0%26hu%3D0%26hr%3D0%26ht%3D1%26dnt%3D0%26bq%3D0%26f%3D1%26nh%3D1%26j%3Dhttp%253A%252F%252Fwww.rinehartfarm.com%26lp%3Dhttp%253A%252F%252Fwww.rinehartfarm.com%26t%3D1679067150920%26de%3D523733359860%26m%3D0%26ar%3Dda8ed23e15-clean%26iw%3D7e8212f%26q%3D2%26cb%3D0%26ym%3D0%26cu%3D1679067150920%26ll%3D2%26lm%3D1%26ln%3D1%26r%3D0%26em%3D0%26en%3D0%26d%3D11100493%253A11101914%253A26888711%253A-%26zMoatBannerInfo%3D498041672%26zGSRC%3D1%26gu%3Dhttp%253A%252F%252Fwww.rinehartfarm.com%252F%26id%3D0%26ii%3D3%26zMoatS1%3D5113%26zMoatS2%3D374058%26zMoatS3%3D0%26zMoatS4%3D4830166%26zMoatAlias%3Dy402809%26zMoatMagicNum%3Dundefined%26gw%3Dadtechbrands092348fjlsmdhlwsl239fh3df%26fd%3D1%26ac%3D1%26it%3D500%26ti%3D0%26ih%3D1%26pe%3D0%253A-%253A-%253A0%253A0%26fs%3D182630%26na%3D1862015021%26cs%3D0%26callback%3DDOMlessLLDcallback_39679417%22%2C%22dur%22%3A191%2C%22st%22%3A2280%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fjs%2Fsfext-min.js%22%2C%22dur%22%3A145%2C%22st%22%3A265%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A121%2C%22st%22%3A1665%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%5D%7D&t=1679067155775
Protocol: HTTP/1.1
Server: 188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: media-router-brb71.prod.media.vip.ir2.yahoo.com
Software: ATS /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:35 GMT
server: ATS
Age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
Connection: keep-alive
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 285C 0
20 B 77ms
77ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=214450416005&version=m202301230201&ct=77&x=1&cor=9419217065652593000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 211A 0
20 B 78ms
77ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9075981397925&version=m202301230201&ct=77&x=1&cor=14495044957231167000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5AE 0
20 B 86ms
86ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=738080863156&version=m202301230201&ct=77&x=1&cor=13098166238546233000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 055F 36 KB
14 KB 49ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 13:32:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD85 0
11 B 57ms
56ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vx2jNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EFB5 0
11 B 46ms
46ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3e4W4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 68E9 43 B
260 B 54ms
54ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=11&i=ADTECHBRANDS1&hp=1&vb=1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147078&de=458311017842&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=4&cb=0&ym=0&cu=1679067147078&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101864%3A26888709%3A-&zMoatBannerInfo=498041668&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830145&zMoatAlias=y402807&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=1983594482&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:37 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 055F 0
11 B 50ms
49ms Image
text/plain 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JEDW1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:32:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 936E 43 B
260 B 53ms
52ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=11&i=ADTECHBRANDS1&hp=1&vb=1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=0&f=1&nh=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147357&de=973385629132&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=4&cb=0&ym=0&cu=1679067147357&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=11100493%3A11101939%3A26888735%3A-&zMoatBannerInfo=498041664&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830144&zMoatAlias=y402804&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=182630&na=322430858&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:37 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame B99E 43 B
260 B 52ms
52ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=0&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150983&de=923361839278&cu=1679067150983&m=6499&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=429&lg=1&lh=110&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5160&cd=218&ah=5160&am=218&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101812%3A26888710%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041670&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=853275174&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:37 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7FF6 43 B
260 B 52ms
51ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=0&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150920&de=523733359860&cu=1679067150920&m=6579&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=586&lg=1&lh=155&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5168&cd=150&ah=5168&am=150&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101914%3A26888711%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041672&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1980869978&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 92E1 0
0 96ms
80ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031501&jk=2993873594767416&bg=!NzSlNGDNAAZEjmHWZI47ADkAdvg8WpfV2FnAAs9cv2aR-XOvapCYPBpDFeGikk-HvTWSeh5Vz4fj8qqzLErNVjgKuV25MuGF5vACAAAEOFIAAAADaAEHCgBb2HWUuM4nnIL40zVzR3dX9gkNhqPrKy4RA95UbpfYQz8jyhDtZMMyuBvShZhZyz8GDYZiYRDG2mqgZiqKyzbYjduJOYAySLy-jUivvCpR8km0wiGISEJQ1J7-WZkCtgYGO_HVT2aR88N7yq4XLTBGsxOj36OTmEPmmyARLHhT0vLQPeD1o6-JozNhucCE6vN19w9hd7k0gDjAh4k5blQJoopzvvLobWkPsVz-gPRbZAYxwoAiMw9O2uq3kzqqGpk6g_HjI0ut7ycOBateLMiXkA38p7aGFFa8I4JDuk3SRMUPobIgXbpkIgQx6Zoiu7PKyIw2cGFD6DkH4VrNP48HasXxyBcaMArnlKWwwm1R7bKtpI1uSuLLuqm63-ZrnbFC80eXaJluTTzsE3E0ADHy_zMYvOQqsZR38u0J1e5mqMOMP7XKlLg39IxYVfP7oPDs3NIJxOsXlLH1QaWBlu9N66zD0v8rWQPkv2B1mzRsIdf9i-FwUlrOOmugYBRPmm-dJ42O42RJytmypd_X06XOyVXGtxTh2aB2jXKrBg36iruugDdAKZ4Kb4YQHRyhtlmbHbTqfhpVjgDEVKvn5VJ0XZRILWsUyi4Jg9-PWbR-1095tkAV5u_sQczMtieddaD0YLg6G19ECQZVy67kZNeCtUOtp5kkHKOWWN3ARUadp9s3nE9_BkqPzWdxnqgFw_a5K2IN9iGT43TW-cToGcOt8rtAmN1C_6MmlghI4IU-c4vLwvp3UxIjCjCdGUa6Hj-s8AjDG--at_5n48a0f5Qcav81i5iaLmyfssk_5L-JJGoMkHeuSpZv4GiD_MUh9wpEDcgBOJmKBJyvw2kfXmrhO6nriQWW-u8EPI2-cLhdGkN_6xNQE2BdG2eLyJwL032MA9eq1DJpeMLfwM17AVHGR1ip7b_0Vp7AuwTRtO4atVNBvcUQ-jjWjk6l0P06OI_uKhXU9Ox0wXZAhdMo5ctWjRXk22Gkg0LzlH4CUQXMdyatHPNwdHQVeb5nKllv0zbPzuRQ2ZOz7YOzs3ZMBi1RJ_WcD-0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FF6 0
0 126ms
101ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031601&jk=1153669148437824&bg=!YmGlYTXNAAZEjmHWZI47ADkAdvg8WgMWRmyUsub82CU6eYJsLF1VmfN-ZR3zjKgWoh81t2OhfN5WT_DVzukN3LkVI9GDfhR75NgCAAAD41IAAAA-aAEHmQLH2JGvudBqclDQhN-KdY9dqsf-7WChnrc0FbHqm41jEs7LvTrlOuT5ecD8KpZD5UTGIsO0rxadZO8StUKhBfW5yL0F69Cd1P_8ZrZ10EjSo8JoBhx07yl_-jHCP7YMpUgB35sYeLCI7t1_F2SIIgPQEdo60cVXO3eW86ZoNF46MFQL_MELZvH_Hl5U0ilG_bEf9jKkkD9UOTgRS7Ew5pn-kyxDSSO0JDMMxc5n6IStvKmKTaBv-gDoKV4am93uxuchSMeZ544V-0gjS_vVlud4U6SJx8zqO1r-gjmJPys9zSgmRXEMzSFd4LTpifCUb3ZLYWlLTowwDXpouFNnm91b4BM1Z9WvIFOnSBTW92yYaEy4VTR7ybK3K5ZfOsIn_jbYl5fMorR-cKnaC1mJb6rM4QMmt6GB18RQWgwIwUqW-eTtFHChPlgear7R-okfdAfFcElnb9U1CuwSp-ui-ZUJwdWmDGLeYJKWbEEG1CIPLrMG5SktG5H7PRVydlJZHaSr3fcyX5NYC54O__IkGNwYTp9x_7fzA4r4Gwbiyl0KcbrHKqQ6l_2EKgRaCsppfAwXjeXNmNbCQ-8MEZg1ycYjlAw7SWJ6-xDU0ZN2G_3VFRmU-b31LISGqnj5tmif2Dt8QEe5i_fgD5hbttHdSLCPV3fd9PTOXBRWWKGapJ8Oirig11oe0oVQ_eq7W4-LeeXcsTyV02D2EKzjiP_zAU73JOvCb1qGsI_Wd7oyQycT0hOiHPJ24Heqbfl4c1Z1Cb8BBDCPR4LoJCh1j7grnB-XQRf5jBsLcC64sLjO0_v9TYMOWq9XpHjmnuoVJ9EF4cgwYnmGSTjlrcMCpRXEh4_taBzTQogF7VgMlYACGb8eGXK3yuDQVOTagPDYpyOni9qPVaJ_go3ozU3-nJCvx4sTb9qNXSVKbj9FVw_LcKa0H5-d2k66w8h4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B99E 0
0 154ms
101ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=1553720110423206&bg=!KCulK3_NAAZEjmHWZI47ADkAdvg8WkLcvalJwv6Eg8Fd11LDQbN9sq08GBSIyAAdwMnzAuxl-LW8asJv1RV8rSfdfrTN0xIQu58CAAADZlIAAAAsaAEHmQK5lenF68uHOWcl34yyPL7CgBVJclhy_C_yo7fi4nIU3VbtyeyZwyNOE4nXw3-jnWjOKmlJ3aY0N9WuwSMRAury3457mJjSj9vzr7Lp-TkoRRUcYlVtDEOyrzOrqd87iZv_K7ZYcoYxb9v0pAPKij1uc52DpEtj8nlHRz9PIM5khbRD1COWriqWXsuVGjjt9x20lwySy4j_wzBWKDg_BVZcbRM6IIvw0XPXywaW1ZUf_LII9E7nSaPxqd37uacVmGysD6KNaatuz1eLNVsc6_e0P8bR_R7PiJf4TFc4Sqf9FdiX4i4EQRP5Vg59UGe-3dGehGf7pi5B3Xj6FXfxOuMPUV_QlMRgq4jLnzRFImjABLBObM-iMZCwFEDhb_DCafpD15L_TOmftI6HKdXg7HOXOhv22a_5OOHJfB2ahUU1O4Ex2Dl-l0LRZ4E8cVIkjhmQneu2HZeMrsF_9TDUchlZpNe27SfMkVG4Cw1Zy6UoqhOf5cvCbt-Vr7JSlaXtq8zJaKHFx7OqxIoS6QEgMpK3ZChlNLs5z7e2eQBfiqAWKqAjwez-o0Ggv2rM1eM1VoVzMSDvBZZ3dw1uC6R4CECvrYzgn446Yght6wmbUDxNy9RH_sORp1STOtX5SG6K136MCaM_uuLbnmJFXVcdWeeI9EOeraJSJoARluugBqAEiN4xVykS90n16yPh4NNSfLfnsap869pPrYUlTsfRj8G35T6kVVqNXcyFioVdOYRPq-S6L4S-WsuZALGq6j1abI3mAQ5O7tM0Wy150YOpet7Q9dlkNz92GQJObZCHIymt4mlUUVB-gl9pAyGlil166Us9oWKmnLZLIjbDWjkH-VjBcPWHBvo2pxCFE87VDvde8oUUsia7osTsxqAQCC7zhbVnzXjvLFjSu4zJmm0-6GfNRgiYbe--EKj7Kw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2

200

p
3p-geo.yahoo.com/
Redirect Chain

http://3p-geo.yahoo.com/p?s=1183310220&t=FYWrmAFkR1BmPBe7,0.37075517650537737&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%0...
https://3p-geo.yahoo.com/p?s=1183310220&t=FYWrmAFkR1BmPBe7,0.37075517650537737&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%...

43 B
265 B

77ms
70ms

Ping
image/gif

188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://3p-geo.yahoo.com/p?s=1183310220&t=FYWrmAFkR1BmPBe7,0.37075517650537737&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_cmi%03%7B%22AFT%22%3A2151%2C%22AFT1%22%3A2151%2C%22AFTNOAD%22%3A1878%2C%22STR%22%3A1679%2C%22VIC%22%3A5200%2C%22PLT%22%3A12141%2C%22DOMC%22%3A1217%2C%22HTTPC%22%3A121%2C%22CP%22%3A91%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22DARLA_RSTART%22%3A2202%2C%22ADSTART_LDRB%22%3A2285%2C%22ADSTART_LREC%22%3A2329%2C%22ADSTART_LREC2%22%3A2344%2C%22DARLA_REND%22%3A2369%2C%22ADEND_LREC2%22%3A4869%2C%22ADEND_LDRB%22%3A4881%2C%22ADEND_LREC%22%3A5185%2C%22ADSTART_LDRB2%22%3A5698%2C%22ADSTART_LREC3%22%3A5708%2C%22ADSTART_LREC4%22%3A5734%2C%22ADEND_LDRB2%22%3A11816%2C%22ADEND_LREC4%22%3A12010%2C%22ADEND_LREC3%22%3A12092%2C%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067159%04_ms%03134%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Protocol

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.rinehartfarm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:39 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

Redirect headers

Location: https://3p-geo.yahoo.com/p?s=1183310220&t=FYWrmAFkR1BmPBe7,0.37075517650537737&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03finance-US-en-US-def%04_bt%03rapid%04A_pr%03http%04A_tzoff%030%04A_sid%03CXaIjDLAxBd8QqZm%04_w%03www.rinehartfarm.com%2F%04_rid%03ajt4qvdhvr4fi%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03finance%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03Jamie%20Crawley%04pct%03story%04pd%03non_modal%04pstaid%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstaid_p%0358cd28cb-d225-3f64-a522-31500d475d2c%04pstcat%03business%04pt%03content%04ver%03article%04A_cmi%03%7B%22AFT%22%3A2151%2C%22AFT1%22%3A2151%2C%22AFTNOAD%22%3A1878%2C%22STR%22%3A1679%2C%22VIC%22%3A5200%2C%22PLT%22%3A12141%2C%22DOMC%22%3A1217%2C%22HTTPC%22%3A121%2C%22CP%22%3A91%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22DARLA_RSTART%22%3A2202%2C%22ADSTART_LDRB%22%3A2285%2C%22ADSTART_LREC%22%3A2329%2C%22ADSTART_LREC2%22%3A2344%2C%22DARLA_REND%22%3A2369%2C%22ADEND_LREC2%22%3A4869%2C%22ADEND_LDRB%22%3A4881%2C%22ADEND_LREC%22%3A5185%2C%22ADSTART_LDRB2%22%3A5698%2C%22ADSTART_LREC3%22%3A5708%2C%22ADSTART_LREC4%22%3A5734%2C%22ADEND_LDRB2%22%3A11816%2C%22ADEND_LREC4%22%3A12010%2C%22ADEND_LREC3%22%3A12092%2C%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031679067159%04_ms%03134%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://www.rinehartfarm.com
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 51ms
51ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=25&q=2&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com%2F&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=12932&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=10047&cn=5522&gn=1&gk=10047&gl=5522&ik=10047&ic=10047&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=10055&cd=5423&ah=10055&am=5423&rf=0&re=1&wb=2&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=239394661&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:40 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 92E1 43 B
260 B 54ms
53ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=0&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150785&de=698571943793&cu=1679067150785&m=11281&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=98&le=1&lf=527&lg=1&lh=229&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=10083&cd=335&ah=10083&am=335&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101985%3A26888736%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830142&zMoatAlias=y402805&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041662&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1256790266&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:42 GMT

GET
H2 200 905
pix.revjet.com/interaction/ Frame CBFD 43 B
277 B 56ms
56ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/905?__ads=5188da93631daa6aa5b68892bed168c7&vid=5067789859707651387&__adt=8240602929706784935&__ade=1&latent=0&__stamp=1679067164688
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:44 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 905
pix.revjet.com/interaction/ Frame E408 43 B
276 B 73ms
57ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/905?__ads=54f0aa204147b7bdc32bcda23bcdaeef&vid=5065670001289299298&__adt=8240603734949663392&__ade=1&latent=0&__stamp=1679067164816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:44 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 905
pix.revjet.com/interaction/ Frame 6B7C 43 B
277 B 58ms
58ms Image
image/gif 162.55.246.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/905?__ads=81b87738199c6bbafe20435e8a36fec7&vid=5067789859707651433&__adt=8240604030584579854&__ade=1&latent=0&__stamp=1679067164870
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.246.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.95.246.55.162.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Mar 2023 15:32:44 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H/1.1

200
OK

collectConsent
consent.yahoo.com/v2/ Frame 224E
Redirect Chain

https://finance.yahoo.com/pdarla/php/fc.php?tID=1&d=0&f=1183310220&l=LDRB%2CLREC&rn=1679067165117&en=utf-8&npv=1&lang=en-US&filter=no_expandable%253Bexp_iframe_expandable%253B&ref=https%253A//finan...
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=S5F8QbU&done=https%3A%2F%2Ffinance.yahoo.com%2Fpdarla%2Fphp%2Ffc.php%3FtID%3D1%26d%3D0%26f%3D1183310220%26l%3DLDRB%252CLREC%26rn%3D167906716511...
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4a281d57-48ab-4081-b330-a131ffe57ec9

0
0

326ms
94ms

Document
text/html

54.78.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4a281d57-48ab-4081-b330-a131ffe57ec9

Requested by

Host: www.rinehartfarm.com
URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.86.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-86-90.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 8376
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-RgSHIQ4dx1bcXDeh7DBDH+r52PuGehIn' https://s.yimg.com; style-src 'self' 'nonce-RgSHIQ4dx1bcXDeh7DBDH+r52PuGehIn' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Content-Type: text/html;charset=UTF-8
Date: Fri, 17 Mar 2023 15:32:45 GMT
Expires: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 17 Mar 2023 15:32:45 GMT
Location: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4a281d57-48ab-4081-b330-a131ffe57ec9
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7DE4 43 B
260 B 64ms
52ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=3&hp=1&vb=1&kq=1&lo=4&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=8&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067147231&de=278175055980&cu=1679067147231&m=17918&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=432&lg=1&lh=155&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A0&aa=1&ad=15032&cn=10047&gn=1&gk=15032&gl=10047&ik=15032&ic=15032&ez=1&co=1311&cp=1205&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=15041&cd=10055&ah=15041&am=10055&rf=0&re=1&wb=2&cl=0&at=0&d=11100493%3A11101861%3A26888708%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830165&zMoatAlias=y402806&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041666&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1136562583&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:45 GMT

POST
H2 204 csp
csp.yahoo.com/beacon/ 0
442 B 330ms
152ms Other
text/plain 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.yahoo.com/beacon/csp?src=guce

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.rinehartfarm.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 15:32:45 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 pixel.gif
apx.moatads.com/ Frame B99E 43 B
260 B 72ms
71ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=1&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150983&de=923361839278&cu=1679067150983&m=16352&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=429&lg=1&lh=110&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=15022&cd=5160&ah=15022&am=5160&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101812%3A26888710%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830146&zMoatAlias=y402808&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041670&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1900598083&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:47 GMT

GET
H2 200 pixel.gif
apx.moatads.com/ Frame 7FF6 43 B
260 B 52ms
52ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apx.moatads.com/pixel.gif?e=9&q=1&hp=1&vb=1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk.JGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBB0rCBEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7Oxib8MxBtJYHCBBBBBBBIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBBBBBjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBwxBbBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=http%3A%2F%2Fwww.rinehartfarm.com%2F&id=0&ii=3&cm=1&f=1&j=http%3A%2F%2Fwww.rinehartfarm.com&lp=http%3A%2F%2Fwww.rinehartfarm.com&t=1679067150920&de=523733359860&cu=1679067150920&m=16499&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=258&le=1&lf=586&lg=1&lh=155&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=15090&cd=5168&ah=15090&am=5168&rf=0&re=1&wb=1&cl=0&at=0&d=11100493%3A11101914%3A26888711%3A-&zMoatS1=5113&zMoatS2=374058&zMoatS3=0&zMoatS4=4830166&zMoatAlias=y402809&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=498041672&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=26849016&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 15:32:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Mar 2023 15:32:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v1/finance/trending/US?count=5&useQuotes=true&fields=logoUrl%2CregularMarketChangePercent

Domain: guce.yahoo.com
URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Domain: embed.fireplace.yahoo.com
URL: https://embed.fireplace.yahoo.com/_rcv/remote

Domain: udc.yahoo.com
URL: http://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1183310220&yhlCT=2&yhlBTMS=1679067145669&yhlClientVer=3.53.38&yhlRnd=isSQSYRbdwbtF2uO&yhlCompressed=0

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/quote?symbols=BTC-USD

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=ES%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=YM%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=NQ%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=RTY%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=CL%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GC%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=SI%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=EURUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ETNX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EVIX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GBPUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=JPY%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=BTC-USD&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ECMC200&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EFTSE&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EN225&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance

Domain: query1.finance.yahoo.com
URL: https://query1.finance.yahoo.com/v6/finance/markettime?lang=en-US&region=US

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rinehartfarm.com/	1970-01-20 20:00:27	Name: 3ab00 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5ODg4XCI6MTY3OTA2NzE0M30sXCJjYW1wYWlnbnNcIjp7XCI2NTQwXCI6MTY3OTA2NzE0M30sXCJ0aW1lXCI6MTY3OTA2NzE0M30ifQ.mU31g3gLcvjL7VGL0i64xoyWAQ_ATxzBCKWD1qJV4-4
.yahoo.com/	1970-01-20 19:10:24	Name: A3 Value: d=AQABBAmIFGQCEMh_7VoRGPCM52toj_DdzNIFEgEBAQHZFWQeZO-V7L8A_eMAAA&S=AQAAAlVZheF8NtywH4gqSbTDmbs
www.rinehartfarm.com/	1970-01-20 11:09:05	Name: _subid Value: 1m48sub71jkg
.doubleclick.net/	1970-01-20 19:46:03	Name: IDE Value: AHWqTUkgERvm-aEUgst9bGIiI2dEDR4MkbIR1sT6ZywGVIrtfXreRYoTHKGNgHCdrg8
.doubleclick.net/	1970-01-20 10:24:30	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 19:10:03	Name: CMID Value: ZBSIEIDcoouT-gBojmZysAAA
.casalemedia.com/	1970-01-20 12:34:03	Name: CMPS Value: 3349
.casalemedia.com/	1970-01-20 12:34:03	Name: CMPRO Value: 3349
.openx.net/	1970-01-20 19:10:03	Name: i Value: 3a6f4014-d25c-4fe5-869a-cf529ce64f01\|1679067152
.adnxs.com/	1970-01-20 12:34:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTrd63J8!]tbPl1M>e)ZlrFUfJ+tGXxoHHT?nlA`j4FPS]ao@pfgoXS4?kb#ny-UTUjx3If)y3KL9D3I?*l`4zoJ
.adnxs.com/	1970-01-20 12:34:03	Name: uuid2 Value: 4767924904238791851
.spotxchange.com/	1970-01-20 11:04:46	Name: audience Value: ef7ea50e-c4d8-11ed-9f9b-19bfd3920406
.ctnsnet.com/	1970-01-20 19:10:03	Name: gid_CAESEPLa472BUHgdW2RXcdLQjRM Value: 1
.ctnsnet.com/	1970-01-20 19:10:03	Name: cid_a5031a3b640f44f09ddc91c1e7fed3f3 Value: 1
.adfarm1.adition.com/	1970-01-20 12:34:03	Name: UserID1 Value: 7211538509932132491
.mathtag.com/	1970-01-20 19:50:22	Name: uuid Value: 50176414-8811-4300-bc24-e0fd266bdcff
.mathtag.com/	1970-01-20 11:07:39	Name: mt_mop Value: 4:1679067153
.linkedin.com/	1970-01-20 19:10:03	Name: bcookie Value: "v=2&c7b48d17-c982-42f3-838e-d709ff4678ce"
.linkedin.com/	1970-01-20 14:43:39	Name: li_gc Value: MTswOzE2NzkwNjcxNTM7MjswMjESRN1qu6t02DIGOCqr+pNeVKvWrCxCpVXgjM3FMUhF4A==
.linkedin.com/	1970-01-20 10:25:53	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2490:u=1:x=1:i=1679067153:t=1679153553:v=2:sig=AQHoU0zX5oB-GOsgRoGZzKD20yUYulLy"
.analytics.yahoo.com/	1970-01-20 19:10:03	Name: IDSYNC Value: 18yx~2akf
.lijit.com/	1970-01-20 19:10:03	Name: ljt_reader Value: GU4EsGZHRvKLygN8R_WRhw7u
.3lift.com/	1970-01-20 12:34:03	Name: tluid Value: 2732917707519933246731
.blismedia.com/	1970-01-20 19:10:07	Name: b Value: 64148811F0F4F8DF62B6D9B0BLIS
.ads.avads.net/	1970-01-20 20:00:27	Name: av-mid Value: ae724dff-9264-4edd-a4bb-047299ef2a37
.ads.avads.net/	1970-01-20 10:44:36	Name: av-tp-gadx Value: 1
.mediago.io/	1970-01-20 19:10:03	Name: __mguid_ Value: 821d8b1c5ae7c24dd9a346e89e996ca0
.tribalfusion.com/	1970-01-20 12:34:03	Name: ANON_ID Value: apnseFRkP6i6eCno77TlnqfT3HtvtZbOSX0Va6SxpGlov7pVcrWHUwZaJDZcNQZdrkGZdDLL2F11vQQ4UjgqPaLoj
.revjet.com/	1970-01-20 10:25:53	Name: ads Value: 81b87738199c6bbafe20435e8a36fec7
sync.srv.stackadapt.com/	1970-01-20 19:10:03	Name: sa-user-id Value: s%3A0-337df8cb-db47-5c1e-5937-5afc8c989389.0o9AJkCGLEpqf5Seum9wedA7QzPR%2FS7hHCbPHTW%2Fy04
sync.srv.stackadapt.com/	1970-01-20 19:10:03	Name: sa-user-id-v2 Value: s%3AM334y9tHXB5ZN1r8jJiTibBDVi8.503f%2FUTm7hctYXm4JcnfXLrhCY1qfxJ948cxJiQWv4o
.srv.stackadapt.com/	1970-01-20 19:10:03	Name: sa-user-id-v2 Value: s%3AM334y9tHXB5ZN1r8jJiTibBDVi8.503f%2FUTm7hctYXm4JcnfXLrhCY1qfxJ948cxJiQWv4o
.revjet.com/	1970-01-20 20:00:27	Name: trx Value: 5067789859707651433

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://www.rinehartfarm.com/lander/vayt-masha-28.02-6/js/g-r-min.js Message: Unrecognized feature: 'vr'.
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to fetch at 'https://query1.finance.yahoo.com/v1/finance/trending/US?count=5&useQuotes=true&fields=logoUrl%2CregularMarketChangePercent' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://query1.finance.yahoo.com/v1/finance/trending/US?count=5&useQuotes=true&fields=logoUrl%2CregularMarketChangePercent Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to fetch at 'https://embed.fireplace.yahoo.com/_rcv/remote' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://embed.fireplace.yahoo.com/_rcv/remote Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://www.rinehartfarm.com/__rapid-worker-1.2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'http://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1183310220&yhlCT=2&yhlBTMS=1679067145669&yhlClientVer=3.53.38&yhlRnd=isSQSYRbdwbtF2uO&yhlCompressed=0' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1183310220&yhlCT=2&yhlBTMS=1679067145669&yhlClientVer=3.53.38&yhlRnd=isSQSYRbdwbtF2uO&yhlCompressed=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/quote?symbols=BTC-USD' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/quote?symbols=BTC-USD Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.yahoo.com/px.gif?ch=1&rn=5.302580804303001 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.yahoo.com/px.gif?ch=2&rn=5.302580804303001 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=ES%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=ES%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=YM%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=YM%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=NQ%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=NQ%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=RTY%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=RTY%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=CL%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=CL%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=GC%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GC%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=SI%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=SI%3DF&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=EURUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=EURUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ETNX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ETNX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EVIX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EVIX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=GBPUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=GBPUSD%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=JPY%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=JPY%3DX&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=BTC-USD&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=BTC-USD&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ECMC200&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5ECMC200&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EFTSE&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EFTSE&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EN225&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v7/finance/spark?symbols=%5EN225&range=1d&interval=5m&indicators=close&includeTimestamps=false&includePrePost=false&corsDomain=www.rinehartfarm.com&.tsrc=finance Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.rinehartfarm.com/ Message: Access to XMLHttpRequest at 'https://query1.finance.yahoo.com/v6/finance/markettime?lang=en-US&region=US' from origin 'http://www.rinehartfarm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://query1.finance.yahoo.com/v6/finance/markettime?lang=en-US&region=US Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHBzlYqRQYKqFxPCNNzlhJM&google_cver=1&google_push=Aa02lx_59-PEG_wRNu8764MZI2qwj3PXrcVzKqe49uVg9Ak4egGFNSrDNCtuzZXtT-znyMUBhP62UtkqIg-SfA0CQ5tvVZxJC2P4 Message: Failed to load resource: the server responded with a status of 502 ()
security	error	Message: [Report Only] Refused to frame 'https://consent.yahoo.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://consent.yahoo.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: http://www.rinehartfarm.com/ Message: The resource https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-XBold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27607f2565849e241108e1494cf2eb7c.safeframe.googlesyndication.com
316a7d8546048e10a2cd990e0c513158.safeframe.googlesyndication.com
3p-geo.yahoo.com
5.ras.yahoo.com
5885309bf067a7019baacf22f94cfad1.safeframe.googlesyndication.com
793e5fb988953e704349b7bc3946e3d7.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ads.avads.net
ads.revjet.com
adservice.google.com
adservice.google.pl
aka-cdn.adtechus.com
ap.lijit.com
apx.moatads.com
cc.adingo.jp
cdn.ampproject.org
cdn.js7k.com
cdn.revjet.com
cm.g.doubleclick.net
consent.yahoo.com
csp.yahoo.com
da01d550c5d48615848150885a12d039.safeframe.googlesyndication.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
edge-mcdn.secure.yahoo.com
embed.fireplace.yahoo.com
eu-central-1-web-oao.ssp.yahoo.com
f5dcb7101d3564e2f52d8e933e4be649.safeframe.googlesyndication.com
finance.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.moatads.com
geo.yahoo.com
googleads.g.doubleclick.net
guce.yahoo.com
ib.adnxs.com
match.sharethrough.com
o.aolcdn.com
onetag-sys.com
openweb.jac.yahoosandbox.com
opus.analytics.yahoo.com
pagead2.googlesyndication.com
partners.tremorhub.com
pix.revjet.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
query1.finance.yahoo.com
s.tribalfusion.com
s.yimg.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
udc.yahoo.com
ups.analytics.yahoo.com
us-u.openx.net
web-oao.ssp.yahoo.com
www.google.com
www.googletagservices.com
www.rinehartfarm.com
www.yahoo.com
embed.fireplace.yahoo.com
guce.yahoo.com
query1.finance.yahoo.com
udc.yahoo.com
104.18.24.173
104.75.89.75
13.107.42.14
13.248.245.213
13.32.121.17
142.250.184.202
142.250.184.226
142.250.185.130
142.250.185.161
142.250.185.226
142.250.185.66
142.250.185.98
142.250.186.100
142.250.186.129
142.250.186.33
142.250.186.67
152.199.21.65
152.199.23.180
162.55.246.95
172.217.16.198
172.217.18.2
18.194.168.240
185.29.134.248
185.80.39.216
185.89.210.153
185.94.180.125
188.125.72.139
192.229.221.24
192.229.233.6
213.226.126.234
216.52.2.86
23.211.10.211
3.126.56.137
3.210.74.157
3.71.149.231
34.243.115.23
34.254.81.77
34.96.105.8
35.186.193.173
35.205.207.25
35.208.249.213
35.244.159.8
51.89.9.251
52.28.203.152
52.30.219.75
54.164.155.52
54.64.126.195
54.78.86.90
64.158.223.137
65.109.27.133
72.34.250.75
85.114.159.93
87.248.100.208
87.248.100.216
87.248.119.251
87.248.119.252
010595716a334027c86b48c191484ca1ea5f758b4c239ffdedf69919ac480c6e
03518aada5ecf33e70801c928b493a96329cd2f787200470581acf2958737817
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62
1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15918f765204761c643d2e0d39fc60e07eaddbb881df11f115878c6f71b2769a
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
17657f91dc8a7010a869b39af18f5bdee723126a7467f77f929aaef9c53f2e40
18c32790c19d6483d673c06a3d9cf7f6d717fb88bf3698afbae2b04b033ed537
194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98
20ab02ab4d58b6fad10d4ec2d856dd2fcc6984f5f43832cc09f490ba69ad9307
2886e7730a496ea348ef11f6b77bc48c78872904306ca1c314cf465f650726d8
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2b3162b9d90ea855e1d140d94062ed56fb3b8d98193f1f37680f864320d481fc
2b8698b365967116c6d5923bd2876570010442a38bafc38a1d8f4a0c31faa4fe
2da8e6f60e9698291e4cfecbaf95ba806282637c28fa1cc7c2d7ef0e32e660e9
3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9
30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff
3117d3971f58516849e1f6c636ce3fc64faf6ae21d65700d49bd816272ae8119
314e1fe839edf550dc0b9df5652a95424a597f72fbc78c00f80976f297696a0d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31665c7c01527083a4492b70d9a202462499a041939f3cc381e02ec1939efd39
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33de9ebb711226b9d7ebc94f2c9e9eaea6ab6346ea7bfd79828ec1fb819de33f
344c047bd023bf7735dad087f56e67c775aac4cf0b9c20c8de483f244b82caa6
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3657e18bca9543e44c6bed6f48f74ce467897bc57b7a94c2294924250a7bfdcb
37eb6b336a6d92f1078d555e5c131af4526307dfc4d9fdf8df94b3a0882d2d96
3c56a32b9ea8908bf4bf80cbd3f4739ffa8de66248c9d200407d0280d1a889a2
3d7ffe1ecb061100760ab496bae435770032c862df220c02160bfd98fdaf07d1
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3ec63d3cee297fa15b6e36ca69114f908ecbfe7c89f4e0625a84f6eb3d4dc29d
3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39
444eb17b5e45f8497ffbba1c5d159235e8e0d6bd80a2871e83446e6f61ca9c5d
44f6b549a0b8cfc0643eda7af22d6d3c592f1b7e6335918b235f9f68ad2e6d48
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4a66b92fc3985947226e9cba3cdd5687ed4746876da1c1f7e399a1cdd6c62409
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a94f6bee75aa79866b9b5e432a352b6e45c906c10eb348ca31b5b4317294d11
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
504e05e34c69c7ecb5293f3fb31be8600db94d8b1076675844bc0b94cabd54f1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506648db425e3801b3b45aca2382efaed10698e5af1dcb90fc8cffb2b090704e
52d9389cd526906e929ccece229fc8122685205a9a2a0aaf667d0907ef933576
5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569ea3817eb4c6220aa0bef06154b2a2e0e77dc611d91911cd14b370771837d1
56b39aafd32c6d5dd1bfa2663cc899b86b7b277e7bc97e79ba56df1a50f46c27
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416
5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645
5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c
5c91e5a423b545e6cf71afe04e0888d05dbf73753666f25e1af5bc31ba8839ff
5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc
5d7860d5f0def7ec1422ac15a605762bf80bbdb4d335d325d1dac16300faf4a3
5f86ec9907f6433f430f9caa406d5244809b9623f8ebac90868ae331775438c5
5fea1a0dbbe96d453e3c8d4b47e1f8f646a7ecc4abcbf7779862f491ac4a09e0
60a7550cfbb885a0a9f7007c8efcc3c0d9c2f968f87d263b5061d5cf8322c80b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332
68b6d95d23388dfe19a9e50f5697c58fa43418da4cf7bc8571e065afc730d767
6a6b1b44b39e91e4b3fbdbef63f9d28f34da997f245fe9eeba6444237443c6d0
6aeefa6462f12c949256e6eedae1aaa00c39e26d3c5c0a29f447e298dd8d3eb1
6df75e91352dff7a5d6c9827c27612ff26c7954cf2fea7c6da459773865c6bc9
6f7a221421a9db31bf31276a2f25df81368ab815ec5f822b1d917af2647b2596
70b8bcda8f0e83b8d1c027bde67dc8ccfbf4e916e89e6cf2052904b01eeda559
71b68ef61fe4a64d7d8914a428759ca0109ebebd458b9cf258d9f929fe50757d
758cbaa99915bbbac51cb83dcf962a873d6f40c7f734b7ec3e4f299c3f2f7641
77c5cdbc83b0855ebaf60ef5c11294bd48264fe71b7d8cf2a691c280d3babb97
7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f
7cac8328e6f80b080b5a617d7f0c0bd939938cb1af9ac6b41a3e364ad791b476
7e926fbc63ec1370ffa4ca3778637b9b183d6da7a7a1539b78329cafc2f22f0e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
81871a231bd7e95f87d000c40a52a9e9670d4895e46824e030ac11ddc93e11ce
839bbc532e50b418067796dc2dbfee591f47b4c497d2148dcae3a28221cf83d2
856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92
879c22d7d11e8394e045a7ab8dfd514a9f9f8ef27adf8070a8372f69e07943b1
87cae86ffab4a825efd06a602c30563b9e29208314ba093a26a3550013358080
8845be6e7a95e3a872fbe0c447d743096b3adf8ee1b6f0d59bcdbdec18aeea36
8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749
8aeac920ec9dbdec2102d5790c0c97031685bae8f252caed19125ae08cad9a0d
8c6a14a96e308f070f495f999af4e39027527d649157fe1a3ffc116870e14697
91882a111dbec666e8404ba19b8f74516939ae2b2d9304c187b5adfce509c10d
92048fe17ab99379696001bc409ad3456f8bc3d01670f6e2993e9d93b2d55874
9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904
93a1b967e0fda822e378c6fed930f173bdbd782fef7448a73f366183dbc30267
93b4d7141f0235efab12760ea30046e4640c1ea82e336561ff918435b04c1673
955ed60b4f42403984860c90db75c5e897f3845c2874e44c4f3c744229bdc44e
95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0
960b3610786dfefa02d7f8dffe22268d0f4553c5d5f0a390ea9a31263c7aa0b3
96f838c93651f504f8c24a5c7b43058ee9aa1e30b2320b0275c701bc0211d01f
97aebd5817a78473c11e44b3133e7524915b11b3fcc45a42313d46e978f19345
982ab4d8bc32fa0262edb5e56aa9536dd6ca6014f2634b43e4c6ef2e25047ff4
983142f7f74bc016f252894067351b2af7d87a59d31a201376e08f374413eaeb
98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0f5bd19b94b9bb307b1c49ec849938d78679587c2d714cca8c27ff3a4a3cba
9d3ec62d4604767f2f3f0a690531f98c2e0bca117efeb25d0a70a947709d7fcb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0db2bd28c98bd3023a5f63cd4c4fa1e180bfeb8a220f8ed07ed7cc2a7dc2607
a1060b6dd1609d1165ffc70733edcc780fd8192fd74d229cba17f1fd402a43a4
a18f1f61513a044194cece1b38c0e512126976c8e590f800fe4bd406e697dc57
a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa4e97176c42a995d917905a61e9933fa29d6f04912b3e2f9e683276a96de194
ad24df8561b589323813953f7fd01e7aac1253b8570e78c9c2d07ac6488ea0e4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a
b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b4a02324ddd8805824e8cb386acf7d1405bb1147c32791b4651d5a2fc17f04bd
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
bf303fa2f2c27124090def7f34ddaa544a097f60608a4d27da25220ed6a52f8b
c11192f57c358070871144f88e07df44fb0df9f26d047a3e12d46b2a41308954
c25eb9ef13d4c6fc1509e8f478899f196165bdf32f17acb2163cb329820f1c7d
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c367c34df7f218533f2f60eba8b46dfb29926b357126608d18a8d1ff08eb1018
c4785a51adadef034b8274f06cd3ba259f313f67269f1c8f06bb9ce88ae9137a
c67c77e7757e42a7c7a8e394e3a162dc2ea087d2f09afd7a1e39c3660a86c62b
c730dcc6034e3953cdd2ad7e1769dd692c43a2ee57c2b8b62c0a10f61755b4a9
c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c893d71d5cfbf9c9a691589c30003d348c0b1ed93c5baf09fa6dfb27dc3c2fb7
c99e18f340da3013a89d08357f05aa510393fdbfc400c364f85439f6f8bcda9f
c9bbc35341f4aeaffb38d9d1a98b84e59eda553ce1faeaba1410006b90df518d
cc4c5c3aaf85324fb340c27dec9ba238e684157be33b229b9789420c1b887829
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6e8632455597e764c74736941b8859a7458b4de5f2294947a4abdf1662751b
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1d43bc5e2499d449c36abb0db438f7f5b7e58b44c568d351c2e0a8cd1bf56d4
d28377f1af0c55467353355bf408fc6faf7d9de21ddbf99513ccade70a2ea7cf
d38366fd515d06caf14f099ecafb648a1ba56f2a01d2d48f76e7367aeb0330ef
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d636b7c6e03c525b4bb0030d0a9d2908fb6e1e51bfbfc0ea0b25fb7b8da50321
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daf96d13390cdcbd105d61803117076ec7980917a875f5235381ced9bf522fa3
dc29b878d0de77b881475726149efbdc770c6eb6f4997acd482dd23b2586a855
dc85247b4034d72a283958d72065ec4e1b937a3b3572944b948c5cdd12dd6f67
df2f8de5e57fd499e924a697686bb07344d801814564f815c8b35645aff6ad7a
df8c74a629c51de014bce7844daf00de4572feb98bc1023a4010e5ab17db20e7
dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44
dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4202fdaa44bd24962e5cc9943e81f3880c07261b70240417755975eff513bcc
e4747850a5b4d1e9920a61fb7f0e247efaae09920c22cc0f0d86ed70fbf2e10f
e4ee215e9c740c7eb984b200253336cbd8c65695492c9d443f4a6e3e256f870d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e65f88b906309e0531ef61775a5f45f2f8c152a0121840707ef109a44b9d24e3
e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e
eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d
ec99d2693b31685b15478b27d24b802ad42f1efc85c56bd24c8b72f93e9a885c
ecf8ce0589030ddd4cdad1e8bda6ab78bb89aa9912aa01078b3c8ff69abfe550
edb49787e4cd98a3bc1b099b4cb6012cc691e1c251f842a5d643aac6e40cedb4
edf9650e6e7b5e9f6cbfa379ada4eeeb903f2f4ebb3bcea00c5c436ff0e5ce59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dd2f7d37cfa51424fc969bde8bfa6ee89c0616ef07fb62b61732ac156bf153
f1c5cc39ece1de53f6288d53ff3847e660425d77debd81a7ac493903d74926be
f204ab420a5067e50cf449c161ca633301e47849248e691863bae78110990e60
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fceb35a57280efd77522839a3be8424586eca77604b5d02d41aee13f16ba4ce3
fe4db8848e2badc0361eed7dd59b1991e2eb65d78de9cb32382a62aa41e503a9

www.rinehartfarm.com Open in urlscan Pro 213.226.126.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

472 Requests

76 %HTTPS

0 %IPv6

40 Domains

72 Subdomains

46 IPs

11 Countries

6384 kBTransfer

18399 kBSize

33 Cookies

15 Outgoing links

Redirected requests

472 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rinehartfarm.com Open in urlscan Pro
213.226.126.234 Public Scan

Screenshot
Live screenshot

Full Image

472
Requests

76 %
HTTPS

0 %
IPv6

40
Domains

72
Subdomains

46
IPs

11
Countries

6384 kB
Transfer

18399 kB
Size

33
Cookies

472 HTTP transactions
8 data transactions