www.wtnzfox43.com Open in urlscan Pro
2606:4700::6812:1e0d  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1

Request Chain 85

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-V14mnZj8cF7gz9NDL8UAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1

Request Chain 86

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEJiXpxkle3ce6ayqBUawnMU&google_cver=1

Request Chain 87

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTQ0OTk1NTU2MzU5MDE4MA%3D%3D

Request Chain 111

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4FEq6XnLxQmmCFOHfQCOc&google_cver=1

Request Chain 113

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESELp3p9mdR6G3JihwUP6iO2s&google_cver=1

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request advanced-bitcoin-chain-opens-crypto-mining Show response www.wtnzfox43.com/story/48415779/	251 KB 29 KB	257ms 142ms	Document text/html	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2208721aee7326c115b7611f67a358c0c5fd3da1876cb18a98c1180a27932f91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control public, max-age=120 cf-cache-status HIT cf-ray 79d418531fd930f4-FRA content-encoding gzip content-type text/html; charset=utf-8 date Wed, 22 Feb 2023 01:54:39 GMT expires Wed, 22 Feb 2023 01:56:39 GMT server cloudflare vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-response-time 1892ms x-xss-protection 1; mode=block
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/	118 KB 20 KB	89ms 29ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 1029 age 1802300 cdn-cachedat 01/02/2023 00:17:59 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:59 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"2f624089c65f12185e79925bc5a7fc42" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 88ca15c93c35b53bdde3eedc6f26c4e6 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 79d418547f19361b-FRA cdn-requestpullsuccess True
GET H2	200	app-6e3c36362be58f83ef28.css ngw-static.franklyinc.com/assets/10775/	306 KB 49 KB	133ms 34ms	Stylesheet text/css	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngw-static.franklyinc.com/assets/10775/app-6e3c36362be58f83ef28.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f98b9fcb90d32f2ab2d6f0583f8fb8143627813d3278cf5e161695c2fbffd45c Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 13 Dec 2022 18:21:19 GMT server cloudflare x-amz-request-id TPGAK9TM1CD0BJ2V age 2657 etag W/"c6abe9e28e3ac40deafaf0d1c3be1010" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 79d41854beef5b74-FRA x-amz-id-2 /wpP543Gyri9y5led7ntsJ2lJqxj3QAk4KuwS4XoZudwYwtNZdLV3f6ehGXtT/oU1F1acms5MLo= expires Thu, 22 Feb 2024 01:54:39 GMT
GET H2	200	custom-global-breaking-template.css ftpcontent.worldnow.com/professionalservices/globalcss/	6 KB 2 KB	207ms 123ms	Stylesheet text/css	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 29 Jun 2020 13:40:44 GMT server cloudflare x-amz-request-id 4PRKD2KRDC45M7R2 etag W/"4b357b45b8d5b6f57aefc58b78723684" vary Accept-Encoding content-type text/css cache-control public, max-age=300 cf-ray 79d41854ae7b2c77-FRA x-amz-id-2 XUxX7mfJIzaym+hW1DIFoiBqQ3n7kWIDW6t7YSN68jbrfYWyVpcTKACPoX2snBUwUkmvfEJD+lk= expires Wed, 22 Feb 2023 01:59:39 GMT
GET H2	200	logo.css ftpcontent.worldnow.com/professionalservices/globalcss/	3 KB 1 KB	206ms 122ms	Stylesheet text/css	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 07 Feb 2022 19:27:28 GMT server cloudflare x-amz-request-id 8Y6XQMMNQMWMH7ZH etag W/"498e7c8c50bbb38d5b281f7ad6edd08c" vary Accept-Encoding content-type text/css cache-control public, max-age=300 cf-ray 79d41854ae7e2c77-FRA x-amz-id-2 d7SHMS4+6lYDqcLhFZ7EzqXLGy5ofpsILt5gprbpct8gxuZ4UtBWqrHAQYCnSmnt/E2RrLrJW0k= expires Wed, 22 Feb 2023 01:59:39 GMT
GET H2	403	Derrick.css ftpcontent6.worldnow.com/wrde/	0 0	131ms 28ms	Stylesheet text/html	2606:4700::6812:1f8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent6.worldnow.com/wrde/Derrick.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1f8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
GET H2	200	wrde_ngw.css ftpcontent.worldnow.com/professionalservices/clients/wrde/	5 KB 2 KB	210ms 127ms	Stylesheet text/css	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 15 Jul 2020 14:00:46 GMT server cloudflare x-amz-request-id D93A5YD61E9NKJSD etag W/"8d5d25c637f71dec04c5a416682b6a1a" vary Accept-Encoding content-type text/css cache-control public, max-age=300 cf-ray 79d41854ae7d2c77-FRA x-amz-id-2 aDbhDrPustShB+RWSdp2A7qquzbmyBmR+SeHZ6iP/pzEmNn6lPGRl7g88FDVgCXElfBW7ueWau4= expires Wed, 22 Feb 2023 01:59:39 GMT
GET H2	200	countdown-external-public.min.css statics.foxsports.com/static/orion/css/	3 KB 1 KB	344ms 196ms	Stylesheet text/css	2a02:26f0:480:f::213:7eca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://statics.foxsports.com/static/orion/css/countdown-external-public.min.css Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7eca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash bc65b2cf8cbc369a154d0dce05de830f757b0219f27980d63b51a5d9633fa259 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-cache-hits 1 x-edgeconnect-origin-mex-latency 15, 12, 441 strict-transport-security max-age=300 content-encoding gzip date Wed, 22 Feb 2023 01:54:39 GMT x-edgeconnect-midmile-rtt 16, 34, 0 content-length 832 x-served-by cache-iad-kjyo7100066-IAD last-modified Thu, 26 Jan 2023 21:13:37 GMT x-timer S1675315234.945428,VS0,VE1 etag "62d70403dea1fcf97cf4fc3695fd315c" access-control-max-age 86400 access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control public, max-age=403 access-control-allow-credentials false vary Accept-Encoding accept-ranges bytes access-control-allow-headers * expires Wed, 22 Feb 2023 02:01:22 GMT
GET H2	200	jquery-2.2.0.min.js Show response code.jquery.com/	84 KB 29 KB	81ms 24ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.0.min.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 13:47:02 GMT server nginx etag W/"62f659d6-14e55" vary Accept-Encoding x-hw 1677030879.dop151.fr8.t,1677030879.cds245.fr8.hn,1677030879.cds235.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29875
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/	36 KB 11 KB	83ms 28ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 894 age 1802300 cdn-cachedat 06/22/2022 17:21:28 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:59 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare etag W/"c5b5b2fa19bd66ff23211d9f844e0131" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid c27c39d43db1989da4cdc52e32451177 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 79d418547f1a361b-FRA cdn-requestpullsuccess True
GET H2	200	iframeResizer.contentWindow.min.js Show response cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/	13 KB 5 KB	86ms 29ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2834767 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4430 last-modified Mon, 04 May 2020 16:11:11 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e9f-349a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1NSF7NLbCjzVke%2BTd%2FMa0NKX0UOW7Z7kGDi9%2F2zTAlpvfO4FOSHkc%2FiIjeiNb2UgYGldvPYMCEEgkurUEe3iEeJRGRzRUObNnZKQhmoWD1gP0fdaaHLgi7hiSp%2BOhlfgDJSpZyX%2BFbFEF%2FP8xGeUawk"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79d41856ac719186-FRA expires Mon, 12 Feb 2024 01:54:39 GMT
GET H2	200	WNVideo.js Show response wtnz.images.worldnow.com/interface/js/	2 KB 1 KB	118ms 43ms	Script application/x-javascript	2606:4700::6812:16ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wtnz.images.worldnow.com/interface/js/WNVideo.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:16ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09061c6edd1088f5c30cc04c0a845762619c6407a339010738e6858486009435 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 14 Nov 2018 14:25:16 GMT server cloudflare age 4907 x-amz-request-id MJ85PMASYY94BJF0 etag W/"9725d80ca65bff6d5a14bd2d463057e5" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 79d418549cef3a7a-FRA x-amz-id-2 +SmCYHjDJVKqy220gI8jN2J8yHqXA+9MmJt80BqqOuIsTwvMfeXH1G/3wSTTzzJv5H/4i5DYXoU= expires Wed, 22 Feb 2023 05:54:39 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	94 KB 37 KB	94ms 34ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0898672d212ceb2d5f36d796106d636aa8c9124bc38aa8339a6cacdba1b3ec40 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37968 x-xss-protection 0 last-modified Wed, 22 Feb 2023 00:37:46 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 01:54:39 GMT
GET H2	200	email-decode.min.js Show response www.wtnzfox43.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 824 B	24ms 22ms	Script application/javascript	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 15 Feb 2023 14:31:01 GMT server cloudflare etag W/"63ececa5-4d7" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 79d41854289630f4-FRA expires Fri, 24 Feb 2023 01:54:39 GMT
GET H2	200	app-5b9f93f28db5b7224e66.js Show response ngw-static.franklyinc.com/assets/10775/	5 MB 1 MB	127ms 31ms	Script application/javascript	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16d89f10cca7d2b76612fa0be5cc8e35cff46a1db1fe9b8102e1cfb92ad22ef5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 13 Dec 2022 18:21:19 GMT server cloudflare x-amz-request-id FKSJ0BWJTHGKFK5M age 3169 etag W/"ab409faf1c5a84ecdac17fb186f0eb5a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 79d41854bef05b74-FRA x-amz-id-2 8SB2xOKphH8Gc6rlo8Hzf4VFRkTsN4roTlD6XB1cLO2HzyEQ/i6lSlYXT0C11WWO6JOtDdk8m2U= expires Thu, 22 Feb 2024 01:54:39 GMT
GET H2	200	ccpa.js Show response ftpcontent.worldnow.com/professionalservices/globalcss/	1 KB 865 B	111ms 29ms	Script application/javascript	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 29 Jun 2020 18:52:15 GMT server cloudflare x-amz-request-id 9X7VP04JCS13WZS6 age 21 etag W/"0ee412381eea4aba59e8a80ef1b33cb2" vary Accept-Encoding content-type application/javascript cache-control public, max-age=300 cf-ray 79d41854ae7f2c77-FRA x-amz-id-2 YSmCygdTnagFRS708Z7eotivvrZNEOhD9imsgi5QPmh49F4XJJLB2tJRbB66AkXymeXckAM808o= expires Wed, 22 Feb 2023 01:59:39 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	149ms 58ms	Stylesheet text/css	2a00:1450:400d:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: ftpcontent.worldnow.com URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ftpcontent.worldnow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 22 Feb 2023 01:29:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Feb 2023 01:54:39 GMT
GET H2	200	off-platform.min.css content.worldnow.com/global/css/_pub/	89 KB 27 KB	123ms 32ms	Stylesheet text/css	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5 Requested by Host: wtnz.images.worldnow.com URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3f85c3cb8f5f6ab30693af71ed31af143382408ff1b3af1d93b1168ce020751 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 26 Oct 2022 13:44:24 GMT wn IISCOM01 server cloudflare age 326147 etag "02cede41e9d81:0" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 79d4185709a39969-FRA content-length 27881 expires Wed, 22 Feb 2023 05:54:39 GMT
GET H2	200	wtnz.config.js Show response content.worldnow.com/global/js/_pub/	12 KB 4 KB	562ms 474ms	Script application/x-javascript	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://content.worldnow.com/global/js/_pub/wtnz.config.js?ver=7.15.0-5 Requested by Host: wtnz.images.worldnow.com URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba Request headers Referer https://www.wtnzfox43.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 15 Sep 2021 16:12:54 GMT wn IISCOM02 server cloudflare age 337071 etag W/"0c7fc894caad71:0" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 79d4185709a59969-FRA expires Wed, 22 Feb 2023 05:54:40 GMT
GET H2	200	wnaffiliateconfig.js Show response wtnz.images.worldnow.com/interface/js/	40 KB 7 KB	37ms 35ms	Script application/x-javascript	2606:4700::6812:16ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wtnz.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5 Requested by Host: wtnz.images.worldnow.com URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:16ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 394159b02671775ccf6c16620657f75d1ba4046174e6b1a9f3e119bccd888a5d Request headers Referer https://www.wtnzfox43.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 01 Jan 2023 15:57:53 GMT server cloudflare age 4905 x-amz-request-id 9QDBPGQ0107H78FB etag W/"20cd5279fca85418932ac0bb3dc2e909" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 79d418568e3e3a7a-FRA x-amz-id-2 KIdm+en1p5qthVjzviAqFIH1OyLnINPZThrd21YltEVtjNMae1IJdCDVUPAW5nlmlok3aj6oJ7w= expires Wed, 22 Feb 2023 05:54:39 GMT
GET H2	200	off-platform.min.js Show response content.worldnow.com/global/js/_pub/	2 MB 473 KB	132ms 44ms	Script application/x-javascript	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5 Requested by Host: wtnz.images.worldnow.com URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a303fc30ad954f56a3117017a6127ab3286b3c38d5d23876a980b0a44db7a56 Request headers Referer https://www.wtnzfox43.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 22 Feb 2023 01:54:39 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 26 Oct 2022 13:44:24 GMT wn IISCOM02 server cloudflare age 558343 etag W/"02cede41e9d81:0" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 79d4185709a69969-FRA expires Wed, 22 Feb 2023 05:54:39 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	361 KB 121 KB	105ms 29ms	Script text/javascript	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: content.worldnow.com URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123572 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:40 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	157 KB 56 KB	39ms 38ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 71df496a75340e2767cd72d09e421c9518b1000798d959b1750342f5a86dda3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56879 x-xss-protection 0 last-modified Wed, 22 Feb 2023 00:37:46 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 01:54:40 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	157 KB 56 KB	46ms 46ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4bb60a205f118b1d9ff87aed0610cd0fa15b02256484ef68fa6256ac2f5334c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56790 x-xss-protection 0 last-modified Wed, 22 Feb 2023 00:37:46 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 01:54:40 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	2iO5YNY.woff2 ngw-static.franklyinc.com/assets/10775/	75 KB 76 KB	169ms 127ms	Font font/woff2	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngw-static.franklyinc.com/assets/10775/2iO5YNY.woff2 Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-6e3c36362be58f83ef28.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://ngw-static.franklyinc.com/assets/10775/app-6e3c36362be58f83ef28.css Origin https://www.wtnzfox43.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT cf-cache-status HIT x-amz-request-id 9DG7Q2WJWGQ3P8SB content-length 77160 x-amz-id-2 yzvnYB8LjTV6RezyRTIqdqwUl1xysavgpjPFCJadH28xna6jKIR3zbCt6h/j2a0KS1AGRl8jgs8= last-modified Tue, 13 Dec 2022 18:21:17 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 79d4185aad52900d-FRA expires Thu, 22 Feb 2024 01:54:40 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	125ms 34ms	Font font/woff2	2a00:1450:400d:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.wtnzfox43.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 12:23:05 GMT x-content-type-options nosniff age 480695 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Feb 2024 12:23:05 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	132ms 42ms	Font font/woff2	2a00:1450:400d:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.wtnzfox43.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 13:13:56 GMT x-content-type-options nosniff age 477644 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Feb 2024 13:13:56 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	228 KB 78 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-F3QMS4WPJ8&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 24ca86e2a7b0d2c508b8e28eb0678cff43926d4edc2609771e40e2d9b898ad43 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80039 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 22 Feb 2023 01:54:40 GMT
GET H2	200	4-5b9f93f28db5b7224e66.js Show response ngw-static.franklyinc.com/assets/10775/	145 B 386 B	34ms 34ms	Script application/javascript	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngw-static.franklyinc.com/assets/10775/4-5b9f93f28db5b7224e66.js Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b93a43ddebeef4110f72523965c1ef0d245c10e05a90add2b87133361324c75 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 13 Dec 2022 18:21:18 GMT server cloudflare x-amz-request-id SDN30FFFK43DY6Y3 age 1748 etag W/"999f29a5d2cf4c211d55105a19243c1d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 79d4185b4a225b74-FRA x-amz-id-2 3QKgnHwN5EyCeECnZ7P5C1YECO52tJHpHqNo02rM8Sty3glg4dNTSedQmCdxFnxS0aQuNdGHA2w= expires Thu, 22 Feb 2024 01:54:40 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	76 KB 26 KB	89ms 38ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: content.worldnow.com URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 79c5ff3bba77ab9e97397805206f41b76ff73fa9e49819356e6749c294eb3a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26538 x-xss-protection 0 server sffe etag "1490 / 252 of 1000 / last-modified: 1677020724" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 22 Feb 2023 01:54:40 GMT
GET H2	200	videojs.ima.1.5.1-3.js Show response ftpcontent.worldnow.com/platform-files/plugins/	85 KB 17 KB	392ms 390ms	Script application/x-javascript	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js Requested by Host: content.worldnow.com URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Oct 2019 19:35:47 GMT server cloudflare x-amz-meta-user-agent-id professionalservices@s-d08b37440bfd4618b x-amz-request-id JHMCG6TTHQY6PJ1G etag W/"8adaa86214cf79d9c87e21aed1384592" x-amz-meta-user-agent AWSTransfer vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=300 cf-ray 79d4185bdb612c77-FRA x-amz-id-2 yAUrmnGXhx7nqmQxAWHTUiAymJcU38j+b+xocaMIzKrGOVUZHeRuVGD0WAxD3XQnUacfKMK7w5w= expires Wed, 22 Feb 2023 01:59:40 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	84ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-F3QMS4WPJ8&gtm=45je32f0&_p=1125097185&cid=1854642565.1677030881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677030880&sct=1&seg=0&dl=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&dt=Advanced%20Bitcoin%20Chain%20Opens%20Crypto%20Mining%20-%20WTNZ%20-%20Fox43&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-F3QMS4WPJ8&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.wtnzfox43.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	resources Show response www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[0],/	140 B 318 B	136ms 135ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[0],/resources?id=48415779&slug=advanced-bitcoin-chain-opens-crypto-mining Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef433318964493c3633452d864bd04c3ba138cde3cc448f5a67e6309dc405406 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT x-dns-prefetch-control off content-length 129 x-xss-protection 1; mode=block x-response-time 58ms server cloudflare etag W/"8c-8eMiPLS40hxRAM1//Nd1uyMEGkY" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=180 accept-ranges bytes cf-ray 79d4185d680c30f4-FRA expires Wed, 22 Feb 2023 01:57:40 GMT
GET H/1.1	200 OK	serve.js.php Show response trends.revcontent.com/	4 KB 2 KB	784ms 194ms	Script text/html	54.201.4.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/serve.js.php?w=178625&t=rc_771&c=1677030880883&width=1600&referer=https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.4.129 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-4-129.us-west-2.compute.amazonaws.com Software openresty / Resource Hash 820944a7ada8874e71dd441751a9df3b078ea7f3853a291818c72cf6366000b7 Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers X-RC-Region us-west-2c Date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip Strict-Transport-Security max-age=931536000; includeSubDomains Server openresty vary Accept-Encoding Content-Type text/html; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com access-control-allow-credentials true Connection keep-alive Content-Length 1422
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	353 KB 114 KB	157ms 40ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip date Wed, 22 Feb 2023 01:54:41 GMT last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag "5f971164-5834c" vary Accept-Encoding x-distribution 99 content-type application/javascript cache-control public, max-age=600 x-host s7.addthis.com content-length 116332
GET H2	200	status Show response www.wtnzfox43.com/api/closings/	15 B 160 B	133ms 133ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/closings/status Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a2c2ea5065da01756d3890c77cfb78a8efc9ff5fff002ef58d7af9e5640deb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT x-content-type-options nosniff cf-cache-status HIT x-dns-prefetch-control off content-length 15 x-xss-protection 1; mode=block x-response-time 215ms server cloudflare etag "f-/bIYGMuMX5eJx+88HDS9T15FmIw" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 accept-ranges bytes cf-ray 79d4185d982d30f4-FRA expires Wed, 22 Feb 2023 01:56:41 GMT
GET H2	200	resources Show response www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget,/	852 B 593 B	417ms 417ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget,/resources Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 886c2b976d5c534871658ccd321983643f403c64f911c86587af4c329c621a1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT x-dns-prefetch-control off content-length 466 x-xss-protection 1; mode=block x-response-time 169ms server cloudflare etag W/"354-WquHZNklKV1CO0ITmlz7XbNVH/M" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=180 accept-ranges bytes cf-ray 79d4185d982f30f4-FRA expires Wed, 22 Feb 2023 01:57:41 GMT
GET H2	200	19731324_G.png wtnz.images.worldnow.com/images/	10 KB 10 KB	34ms 34ms	Image image/png	2606:4700::6812:16ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wtnz.images.worldnow.com/images/19731324_G.png?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:16ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7ffa7aa8477e27b87fff8a97ed675d26bd393874dcc8c1b2c17d8c2ad84a80f Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:40 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT content-length 9961 cf-resized internal=ok/h q=0 n=18+0 c=16+41 v=2023.1.3 l=9961 last-modified Wed, 29 Jul 2020 19:17:03 GMT cf-bgj imgq:96,h2pri server cloudflare etag "cf4kXu0rLgdRQ8PGfClHiVO2w47tOAz62Z4I335VEMDQ:da568d830f07a77bd14eb1eb2468778c" vary Accept, Accept-Encoding warning cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here" content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 79d4185e1ba83a7a-FRA
GET H2	200	24149560_G.png 247press.images.worldnow.com/images/	22 KB 23 KB	169ms 129ms	Image image/jpeg	2606:4700::6812:16ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://247press.images.worldnow.com/images/24149560_G.png?auto=webp&disable=upscale&height=560&fit=bounds&lastEditedDate=1676950883000 Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:16ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6a64a3b9ee9eff6189dcb975e1d47a5f81497a2ae2dec6084832e4788cf144d Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT content-length 22854 cf-resized internal=ok/r q=0 n=58+0 c=2+42 v=2023.2.4 l=22854 last-modified Tue, 21 Feb 2023 08:41:24 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfRFDvAlk3YopZ2fOO93NY0ntlcSfZf4oIkKCpwqlIDQ:a84fd3fbdd45fb862a7f7f022b216aa8" vary Accept, Accept-Encoding warning cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here" content-type image/jpeg access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 79d4185e5bcc3a7a-FRA
GET H2	200	19313808_G.jpg wdfx.images.worldnow.com/images/	10 KB 10 KB	174ms 135ms	Image image/jpeg	2606:4700::6812:16ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wdfx.images.worldnow.com/images/19313808_G.jpg?auto=webp&disable=upscale&width=300 Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:16ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT content-length 10183 cf-resized internal=ok/h q=0 n=9+0 c=0+19 v=2023.2.4 l=10183 last-modified Mon, 06 Apr 2020 17:47:16 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfMmGmjnEXzM0uYEAJ2vtWqtRTEJoZU4G6ZTvfUGVIDQ:e9d429ee90f3d05de4962461e425af56" vary Accept, Accept-Encoding warning cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here" content-type image/jpeg access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 79d4185e5bcd3a7a-FRA
GET H2	200	19788360_G.jpg wtnz.images.worldnow.com/images/	20 KB 21 KB	129ms 128ms	Image image/jpeg	2606:4700::6812:16ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wtnz.images.worldnow.com/images/19788360_G.jpg?auto=webp&disable=upscale&width=auto Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:16ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ae4275135f4c12a49b2282a8c707ed2d10dab1e564f7bdc146dfcc964f1e158 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT content-length 20991 cf-resized internal=ok/h q=0 n=13+0 c=0+0 v=2023.2.1 l=20991 last-modified Thu, 06 Aug 2020 19:33:38 GMT cf-bgj imgq:0,h2pri server cloudflare etag "cfwAfsZbet8yAOGKJTiAyApaqi7QEfqoyZ4pjHkwoaDQ:34b7b6a707b2c3ee4fa0b79d12644080" vary Accept, Accept-Encoding warning cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here" content-type image/jpeg access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 79d4185e1ba93a7a-FRA
GET H2	200	pubads_impl_2023021601.js Show response securepubads.g.doubleclick.net/gpt/	382 KB 130 KB	137ms 21ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 22:47:34 GMT content-encoding gzip x-content-type-options nosniff age 11227 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132097 x-xss-protection 0 last-modified Thu, 16 Feb 2023 09:35:44 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 21 Feb 2024 22:47:34 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	152 B 647 B	135ms 30ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wtnzfox43.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e8732738c8d9b84847149da2af6743a915b0cb89f19bada9001fea3fe004561f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 105 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:41 GMT
GET H2	200	can-autoplay.3.0.0-1.js Show response ftpcontent.worldnow.com/platform-files/plugins/	8 KB 2 KB	125ms 124ms	Script application/x-javascript	2606:4700::6812:1e8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js Requested by Host: content.worldnow.com URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Oct 2019 19:35:47 GMT server cloudflare x-amz-meta-user-agent-id professionalservices@s-d08b37440bfd4618b x-amz-request-id 0YSC97Y6BETYP9VE etag W/"cee92fb89ab4f849569bd1354aeb4618" x-amz-meta-user-agent AWSTransfer vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=300 cf-ray 79d4185e5d112c77-FRA x-amz-id-2 R3PEplJ9klxePZ71+4vOt37CpBgZmwmPnY8qQpOQSJm10Jbp2XevK6jxbiCDjhqkW+YGL7jKHHU= expires Wed, 22 Feb 2023 01:59:41 GMT
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	101ms 21ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers unused62 8096267 date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id D5503D14AA2F06AA etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript cache-control max-age=8830 accept-ranges bytes content-length 948 x-amz-id-2 JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	100ms 30ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.wtnzfox43.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	180ms 57ms	Script application/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.wtnzfox43.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	812 B 963 B	183ms 181ms	XHR text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1751001215231520&correlator=484979992077167&eid=31071662&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=3182753813&sfv=1-0-40&prev_scp=wnsz%3D124&cust_params=wncid%3D48415779%26wnpt%3DS%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1677030881243&lmt=1677030881&dlt=1677030879346&idt=1852&adxs=1382&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=1854642565.1677030881&ga_sid=1677030881&ga_hid=1125097185&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e0403cfbe58332f077a210ad6c215865558ac476d10a907a39359851e233182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 451 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	53 KB 13 KB	367ms 366ms	XHR text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1751001215231520&correlator=484979992077167&eid=31071662&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=3085882104&sfv=1-0-40&prev_scp=wnsz%3D41&cust_params=wncid%3D48415779%26wnpt%3DS%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1677030881252&lmt=1677030881&dlt=1677030879346&idt=1852&adxs=95&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&frm=20&vis=1&psz=1410x0&msz=1410x0&fws=0&ohw=0&ga_vid=1854642565.1677030881&ga_sid=1677030881&ga_hid=1125097185&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c91ae20d61f2cc1cef345034cf8560e245d6be85c3ed0cf9d70de54a7a959389 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13036 x-xss-protection 0 google-lineitem-id 6084843041 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138400628316 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	25 KB 10 KB	1097ms 1095ms	XHR text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1751001215231520&correlator=484979992077167&eid=31071662&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=3&adks=1896545879&sfv=1-0-40&prev_scp=wnsz%3D43&cust_params=wncid%3D48415779%26wnpt%3DS%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1677030881258&lmt=1677030881&dlt=1677030879346&idt=1852&adxs=1175&adys=214&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&frm=20&vis=1&psz=330x0&msz=330x0&fws=0&ohw=0&ga_vid=1854642565.1677030881&ga_sid=1677030881&ga_hid=1125097185&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7db196fea41bcaccbb73008980fe6c9b698d13aa17f7ce766530ad97402a5e58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9862 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	15 KB 7 KB	802ms 800ms	XHR text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1751001215231520&correlator=484979992077167&eid=31071662&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&ifi=4&adks=4001668881&sfv=1-0-40&prev_scp=wnsz%3D52&cust_params=wncid%3D48415779%26wnpt%3DS%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1677030881261&lmt=1677030881&dlt=1677030879346&idt=1852&adxs=1175&adys=620&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&frm=20&vis=1&psz=330x0&msz=330x0&fws=0&ohw=0&ga_vid=1854642565.1677030881&ga_sid=1677030881&ga_hid=1125097185&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 008b31386130e511a334c4cc03470e5db0a39290c4b289d0ceb6d2d787d52a45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6708 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	619 B 498 B	581ms 581ms	XHR text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1751001215231520&correlator=484979992077167&eid=31071662&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90&ifi=5&adks=564924334&sfv=1-0-40&prev_scp=wnsz%3D46&cust_params=wncid%3D48415779%26wnpt%3DS%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1677030881264&lmt=1677030881&dlt=1677030879346&idt=1852&adxs=95&adys=3427&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&frm=20&vis=1&psz=1410x0&msz=1410x0&fws=0&ohw=0&ga_vid=1854642565.1677030881&ga_sid=1677030881&ga_hid=1125097185&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cf3741082bbd8d93c4bb6419a64c8ce07b39dea84aa4a58b38a4526eed8db33a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 321 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F23D	6 KB 3 KB	123ms 28ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.wtnzfox43.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 01:54:41 GMT expires Thu, 22 Feb 2024 01:54:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	resources Show response www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/	852 B 535 B	141ms 139ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37923 Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 886c2b976d5c534871658ccd321983643f403c64f911c86587af4c329c621a1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT x-dns-prefetch-control off content-length 466 x-xss-protection 1; mode=block x-response-time 156ms server cloudflare etag W/"354-WquHZNklKV1CO0ITmlz7XbNVH/M" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=180 accept-ranges bytes cf-ray 79d418603a2630f4-FRA expires Wed, 22 Feb 2023 01:57:41 GMT
GET H2	200	resources Show response www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/	844 B 620 B	1096ms 1095ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37801 Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 447343db50cbc1524d0edc5e637cafb49a9845938607a9329f0290878a28bb61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-dns-prefetch-control off content-length 461 x-xss-protection 1; mode=block x-response-time 881ms server cloudflare etag W/"34c-n7+dSbIxqkyIT42opPJTKgcLQNM" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=180 accept-ranges bytes cf-ray 79d418603a2730f4-FRA expires Wed, 22 Feb 2023 01:57:42 GMT
GET H2	200	27_mostlycloudy_night.png ngw-static.franklyinc.com/assets/static/	2 KB 3 KB	28ms 27ms	Image image/png	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ngw-static.franklyinc.com/assets/static/27_mostlycloudy_night.png Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 646f822b200d3945414f6d39a6218348f33974446ae17193bfaf2c8e1fd8bb4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT cf-cache-status HIT x-amz-request-id CPK3GKJZ4ETKSCDJ age 2641 content-length 2470 x-amz-id-2 7HqCo6wkJ0yCSX05PUC3wrQGx9CUiR2BiM9eOyuXBVuua037fcfpsickRUI3cJUhDXTHwBKNWrQ= last-modified Tue, 03 Mar 2020 16:10:12 GMT server cloudflare etag "c7510f3ec8473a041c7d6030355ac287" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 79d418612c945b74-FRA expires Wed, 22 Feb 2023 05:54:41 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 393E	0 0	60ms 59ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscF_ypjZIGADZK247nlqM9_53xLQD_Ty7SB9S72hRPwj7bW-wzlyDLNlG4cBEOhRcVTHXUAcUwuyOrPOP9oNMRVRYuniB6gSUlZe2ZXgU7sk0TFUC_cZ--_4LPnZ4cb9aAQldIuhpfGksM7WfO8OgOUvad0lrAn1mhaxgv4xoS7j4LRFQmUy48Yr7Jf7KvkEWgnL5WNr3gpnI3vPn8bUH4NHuJSm-2-GFNst7Cwl6CHhPwAzYp0BbXJ480JJCzSG-fGy8J33NnwLw3Li4i3j0_tzFT2idKLoS724SHSqxzcUjJV2gOPkCk0UNq2Kg9rnFqyT9APQVn72eQFw_ypEFunkcvi9nPf5PyRdtBlA&sai=AMfl-YT_rHfBNnzMwIZqaGXjCAIvwBz92L33TdM6it4PH8etnVxumKrXWhcmBJSzVb8Yh7_CSfpZ6KaVk_amV9BkGXcHqPiMZkaz7flZRHRV8xJdJRPDACi8OmNpZshN5jA50y5rmaVdf2LoJo-vy50&sig=Cg0ArKJSzDV3oa0lu6V0EAE&uach_m=[UACH]&adurl= Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:41 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 393E	3 KB 2 KB	113ms 21ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:21:56 GMT content-encoding br x-content-type-options nosniff age 9165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:21:56 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 393E	156 KB 48 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48814 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1676465787912926" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 01:54:41 GMT
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame 393E	8 KB 4 KB	155ms 41ms	Script application/javascript	2a02:26f0:6c00::210:ba29 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400628316&splc=/43459271/loc-desktop/wtnz/web/news&adu=138111031&unit=728x90&btreg=6084843041138400628316&btadsrv=6084843041138400628316&ctx=19955922&cmp=DV451308 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 5851da0728ca1ed1f661c31af12e7c5731230af08613c1a6d2654befe4f7a697 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 01:54:41 GMT Content-Encoding gzip Last-Modified Wed, 15 Feb 2023 17:46:13 GMT Server Microsoft-IIS/10.0 ETag "80e03a656541d91:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3337
GET H2	200	15987589154495016189 tpc.googlesyndication.com/simgad/ Frame 393E	37 KB 38 KB	113ms 22ms	Image image/jpeg	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15987589154495016189 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6326db643a16b70d7c71478482f73c3291422fe31cf17a775fd74054e45174fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 20:15:28 GMT x-content-type-options nosniff age 538753 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38336 x-xss-protection 0 last-modified Mon, 08 Aug 2022 14:54:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 15 Feb 2024 20:15:28 GMT
GET DATA	200 OK	truncated / Frame 393E	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 054d32e05fcc41a350004705ccbbc0c1b66b5a89b649fdb5d214991f7d8b2320 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	serve.js.php Show response trends.revcontent.com/	82 KB 25 KB	300ms 300ms	XHR text/javascript	54.201.4.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/serve.js.php?w=178625&t=rc_771&c=1677030880883&width=1600&site_url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&referer=&skip_iab=true Requested by Host: trends.revcontent.com URL: https://trends.revcontent.com/serve.js.php?w=178625&t=rc_771&c=1677030880883&width=1600&referer=https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.4.129 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-4-129.us-west-2.compute.amazonaws.com Software openresty / Resource Hash 90e23a9c7395cd1df98ceba55da7d88c5d9ac3f658e16e4b2394dc17215f68bf Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Referer https://www.wtnzfox43.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers X-RC-Region us-west-2c Date Wed, 22 Feb 2023 01:54:41 GMT Strict-Transport-Security max-age=931536000; includeSubDomains Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 access-control-allow-origin https://www.wtnzfox43.com access-control-allow-credentials true Connection keep-alive
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 393E	0 0	58ms 57ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRDb9H1utE7Cxo7QdP5SwxSdD0hkAR5CdmsLvChQSCvxGaBokxig6QhhRhTvS_lDQOuNxl7ayTn82RxcYwtWITsuoBO96404t7049yM5lWDn7xZJLxN87HbUM0d3MgYDubttFDS6oO57B_lFtT7D73qBMyIgQ_Bb078pB3nm8k2AEZP_QqL_cFJoojonsaSitElA4FOpaDTDWI3lYBu52a5ffnGITQJK2So8C9x9s5UsTSFiDBhEIDtoRhY8hQ65-jGxanQgk05ZitczrZNUDlKil0zXFnWzILa3y-YnlbS_XyMCuJNMf4JoEpo63wPGNOxhr7DAb_6yG0W267a0E7uw&sai=AMfl-YStGNlKxROubsAygUqOMwgemRh7qT89jogs5t30lVvdCzDNVXHOBnBwzOKNQNs87V9ymHcDHwSWXAAH1fED97XpBn4Q1BAjG5ZLjTNMixvo7PnYPzSP5MBzyI9AzIX52_VkH25jvVvJg-tNXuk&sig=Cg0ArKJSzAUARQhdoACyEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:41 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:41 GMT
GET H/1.1	200 OK	dv-measurements3536.js Show response cdn.doubleverify.com/ Frame 5564	555 KB 106 KB	44ms 44ms	Script application/javascript	2a02:26f0:6c00::210:ba29 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements3536.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 30780bf3c21b05a7eeada22b3169a49d934102323c7302f437e5cad8867e0166 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 01:54:41 GMT Content-Encoding gzip Last-Modified Wed, 15 Feb 2023 15:14:41 GMT Server Microsoft-IIS/10.0 ETag "80c6f9395041d91:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080900 Connection keep-alive Accept-Ranges bytes Content-Length 108460
GET H/1.1	200 OK	visit.js Show response tps.doubleverify.com/ Frame 5564	694 B 704 B	112ms 28ms	Script text/javascript	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=112&ttfrms=33&brid=3&brver=110.0.5481.100&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETauDE%40CJTaucgc%60dffhTau25G2%3F465%5C3%3AE4%40%3A%3F%5C492%3A%3F%5C%40A6%3FD%5C4CJAE%40%5C%3E%3A%3F%3A%3F8U2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETar9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETauDE%40CJTaucgc%60dffhTau25G2%3F465%5C3%3AE4%40%3A%3F%5C492%3A%3F%5C%40A6%3FD%5C4CJAE%40%5C%3E%3A%3F%3A%3F8&srcurlD=0&aUrlD=0&ssl=https:&dfs=12&ddur=156&uid=1677030881955163&jsCallback=dvCallback_1677030881955899&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3536&tgjsver=3536&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&fwc=0&fcl=265&flt=68&fec=353&fcifrms=3&brh=2&sdf=2&dvp_epl=428&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138400628316&btadsrv=6084843041138400628316&adsrv=104&unit=728x90&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400628316&splc=/43459271/loc-desktop/wtnz/web/news&adu=138111031&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1027652848902.6141&dvp_tukv=1196651595.4780238&dvp_tuid=1062146619889&jurtd=3005530326 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements3536.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash 8c6351914e5969ca60fb633e80acd4e4437e60649a1a4499f61e58bfdb323c86 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 01:54:42 GMT Content-Encoding br Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Expires 02/21/2023 01:54:42
GET H2	200	container.html Show response 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8DF4	6 KB 3 KB	22ms 21ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.wtnzfox43.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 01:54:41 GMT expires Thu, 22 Feb 2024 01:54:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 3300	624 B 689 B	85ms 31ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGMeUneEBMAE&v=APEucNUtVGvH03feyWJgHhKbsQHCBgSncgN1M7xWwPWrpu0TeY99fjE_lrwz2d91s14V8YDibmx6chgeQ_FgES-Kb3DgySYmgeZo76O_LLfCy9LuJu1FEbpnmGFZ1FB3CZrzFjHuAm_KXS2vnlGFGnVcRHWWDjmK-saQR0DkYcaft0UMbDodqgY Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 01:54:42 GMT expires Wed, 22 Feb 2023 01:54:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 8DF4	78 KB 28 KB	87ms 34ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27790 x-xss-protection 0 server cafe etag 3677590245327912432 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 22 Feb 2023 01:54:42 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8DF4	42 B 173 B	106ms 53ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXboNv_eFoZWdUTp_-w-Eu7DFk7fV9XGGOWwd-4VEOV1xRE-OK9r6BQDM1IkLSw2tlZ_ybaT0k1ZjDn6lN8ywxorxeJ-GK-M2xetTMh4EIqITjW9w Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8DF4	0 58 B	109ms 56ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11428273821934918882&x=1&ct=76 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 8DF4	3 KB 1 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:21:56 GMT content-encoding br x-content-type-options nosniff age 9166 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:21:56 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 8DF4	20 KB 8 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:21:55 GMT content-encoding br x-content-type-options nosniff age 9167 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8274 x-xss-protection 0 server cafe etag 9471482037410804447 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:21:55 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8DF4	156 KB 48 KB	35ms 33ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48814 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1676465787912926" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 01:54:42 GMT
GET H2	200	rev2.min.css cdn.revcontent.com/build/css/	83 KB 23 KB	92ms 25ms	Stylesheet text/css	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86 Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software / Resource Hash cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip last-modified Fri, 17 Feb 2023 19:02:14 GMT etag "1676660534" x-hw 1677030882.cds323.fr8.hn,1677030882.cds327.fr8.c content-type text/css access-control-allow-origin * cache-control max-age=59618 accept-ranges bytes content-length 23124
GET H2	200	rev2.min.js Show response cdn.revcontent.com/build/js/	280 KB 84 KB	111ms 44ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0 Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software / Resource Hash eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip last-modified Fri, 17 Feb 2023 19:02:14 GMT etag "1676660534" x-hw 1677030882.cds323.fr8.hn,1677030882.cds148.fr8.c content-type application/javascript access-control-allow-origin * cache-control max-age=40 accept-ranges bytes content-length 85555
GET H2	200	/ img.revcontent.com/	1 KB 1 KB	90ms 26ms	Image image/png	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software / Resource Hash 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT last-modified Thu, 02 Jun 2022 15:22:42 GMT etag "1654183362" x-hw 1677030882.cds108.fr8.hn,1677030882.cds260.fr8.c content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 1351
GET H2	200	6148852e05efc4-74795207.jpg images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/	7 KB 7 KB	102ms 35ms	Image image/webp	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6148852e05efc4-74795207.jpg Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Cloudinary / Resource Hash 130aebbf4fee851a76beb88f1acf27106403786583361614128d9619185ce1e2 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="6148852e05efc4-74795207.webp" server-timing fastly;dur=128;cpu=0;start=2023-01-09T04:48:20.652Z;desc=hit,rtt;dur=0 content-length 7118 last-modified Mon, 20 Sep 2021 13:11:33 GMT server Cloudinary etag "0e794209383d9056916f873d0ee0533c" vary Accept x-hw 1677030882.cds286.fr8.hn,1677030882.cds278.fr8.c content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	61487d41c96912-76839975.jpg images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/	40 KB 41 KB	103ms 36ms	Image image/webp	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/61487d41c96912-76839975.jpg Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Cloudinary / Resource Hash d8cc2da8c4a6b7d1269c9b6d78619ee4498c2c0417336e8d1a416e19a4deddaa Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="61487d41c96912-76839975.webp" server-timing fastly;dur=113;cpu=1;start=2022-06-17T20:38:28.995Z;desc=hit,rtt;dur=0 content-length 41252 last-modified Mon, 20 Sep 2021 12:43:10 GMT server Cloudinary etag "b2d687b14b2ab6bec069b9dea801c77e" vary Accept x-hw 1677030882.cds286.fr8.hn,1677030882.cds215.fr8.c content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	61488425e43805-33775925.png images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/	19 KB 20 KB	128ms 62ms	Image image/webp	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/61488425e43805-33775925.png Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Cloudinary / Resource Hash 26def577802cf88861212a920f618205060195156cefdf23b9b1a1ae6f332de9 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="61488425e43805-33775925.webp" server-timing fastly;dur=2;cpu=1;start=2023-01-06T12:06:09.884Z;desc=hit,rtt;dur=0 content-length 19736 last-modified Mon, 20 Sep 2021 13:12:13 GMT server Cloudinary etag "9d49a47803f3ac1301f06e0aa86b8178" vary Accept x-hw 1677030882.cds286.fr8.hn,1677030882.cds211.fr8.c content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	6148810502b0a9-36735616.jpg images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/	35 KB 35 KB	136ms 69ms	Image image/webp	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6148810502b0a9-36735616.jpg Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Cloudinary / Resource Hash 100c7542ada3af84ff0dce132ae7b8076794d69b91a04f5647f0c1b409407f98 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="6148810502b0a9-36735616.webp" server-timing fastly;dur=2;cpu=0;start=2022-12-17T23:38:13.455Z;desc=hit,rtt;dur=0 content-length 35882 last-modified Mon, 20 Sep 2021 12:53:56 GMT server Cloudinary etag "78d021dddb801cf6b9603cb8531476cc" vary Accept x-hw 1677030882.cds286.fr8.hn,1677030882.cds052.fr8.c content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	61487fc8866237-84261723.jpg images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/	9 KB 9 KB	149ms 83ms	Image image/webp	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/61487fc8866237-84261723.jpg Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Cloudinary / Resource Hash 885174a0191099a5b2288a2fabb396e1eae5f1a133300d1ddb03290ca0cc410e Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="61487fc8866237-84261723.webp" server-timing fastly;dur=2;cpu=1;start=2022-12-28T18:19:21.841Z;desc=hit,rtt;dur=0 content-length 8722 last-modified Mon, 20 Sep 2021 12:53:25 GMT server Cloudinary etag "9770fcd22c2c43e412de2167cd2a1551" vary Accept x-hw 1677030882.cds286.fr8.hn,1677030882.cds331.fr8.c content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	61487ce55f1c30-68050708.jpg images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/	12 KB 12 KB	151ms 85ms	Image image/webp	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/61487ce55f1c30-68050708.jpg Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Cloudinary / Resource Hash 7683800a1039b42f02510cd5626dba98c5067c15f10e8736eeff9f5e42fd0466 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT strict-transport-security max-age=604800 x-content-type-options nosniff content-disposition inline; filename="61487ce55f1c30-68050708.webp" server-timing fastly;dur=126;cpu=1;start=2022-06-17T20:38:29.065Z;desc=hit,rtt;dur=0 content-length 12172 last-modified Mon, 20 Sep 2021 12:43:12 GMT server Cloudinary etag "d07377a4095643a8fe342602a7249db0" vary Accept x-hw 1677030882.cds286.fr8.hn,1677030882.cds166.fr8.c content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options cache-control private, no-transform, immutable, max-age=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	P4KU09_.woff ngw-static.franklyinc.com/assets/10775/	79 KB 79 KB	149ms 149ms	Font application/font-woff	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngw-static.franklyinc.com/assets/10775/P4KU09_.woff Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-6e3c36362be58f83ef28.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d212c4e67cb437939d8af0fff3f3d30f58fda432be6f0cd03107855c1b8aa057 Request headers Referer https://ngw-static.franklyinc.com/assets/10775/app-6e3c36362be58f83ef28.css Origin https://www.wtnzfox43.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id F4NQNT5FJ3G5H2K8 x-amz-id-2 VuGPLysEWTkwNWFcvC7AW8KOPQbaSkpVJqB1D6+GTP2niSW0aomem5UsBd2Wq0TtY4laaFIgxCg= last-modified Tue, 13 Dec 2022 18:21:18 GMT server cloudflare etag W/"42dd505fb0243062f35e1b3b46210151" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 79d41865cb87900d-FRA expires Thu, 22 Feb 2024 01:54:42 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3300 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1	43 B 766 B	26ms 26ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGMeUneEBMAE&v=APEucNUtVGvH03feyWJgHhKbsQHCBgSncgN1M7xWwPWrpu0TeY99fjE_lrwz2d91s14V8YDibmx6chgeQ_FgES-Kb3DgySYmgeZo76O_LLfCy9LuJu1FEbpnmGFZ1FB3CZrzFjHuAm_KXS2vnlGFGnVcRHWWDjmK-saQR0DkYcaft0UMbDodqgY Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 01:54:42 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3300 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-V14mnZj8cF7gz9NDL8UAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1	43 B 766 B	26ms 26ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGMeUneEBMAE&v=APEucNUtVGvH03feyWJgHhKbsQHCBgSncgN1M7xWwPWrpu0TeY99fjE_lrwz2d91s14V8YDibmx6chgeQ_FgES-Kb3DgySYmgeZo76O_LLfCy9LuJu1FEbpnmGFZ1FB3CZrzFjHuAm_KXS2vnlGFGnVcRHWWDjmK-saQR0DkYcaft0UMbDodqgY Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 01:54:42 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM68WSViVUdu-Aawr-Ct6g&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 3300 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEJiXpxkle3ce6ayqBUawnMU&google_cver=1	43 B 1 KB	22ms 22ms	Image image/gif	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEJiXpxkle3ce6ayqBUawnMU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGMeUneEBMAE&v=APEucNUtVGvH03feyWJgHhKbsQHCBgSncgN1M7xWwPWrpu0TeY99fjE_lrwz2d91s14V8YDibmx6chgeQ_FgES-Kb3DgySYmgeZo76O_LLfCy9LuJu1FEbpnmGFZ1FB3CZrzFjHuAm_KXS2vnlGFGnVcRHWWDjmK-saQR0DkYcaft0UMbDodqgY Protocol HTTP/1.1 Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 01:54:42 GMT AN-X-Request-Uuid 98673273-66f2-4779-97b0-ed8e2f339381 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.218.28; 217.114.218.28; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEJiXpxkle3ce6ayqBUawnMU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 3300 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTQ0OTk1NTU2MzU5MDE4MA%3D%3D	170 B 243 B	34ms 33ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTQ0OTk1NTU2MzU5MDE4MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuwcxCfx6UCGMeUneEBMAE&v=APEucNUtVGvH03feyWJgHhKbsQHCBgSncgN1M7xWwPWrpu0TeY99fjE_lrwz2d91s14V8YDibmx6chgeQ_FgES-Kb3DgySYmgeZo76O_LLfCy9LuJu1FEbpnmGFZ1FB3CZrzFjHuAm_KXS2vnlGFGnVcRHWWDjmK-saQR0DkYcaft0UMbDodqgY Protocol H2 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 22 Feb 2023 01:54:42 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.114.218.28; 217.114.218.28; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 14ad3961-bbae-4d05-b070-823c184c9f4b Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMTQ0OTk1NTU2MzU5MDE4MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8DF4	0 56 B	53ms 53ms	Ping image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7131051075210&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8DF4	0 56 B	54ms 54ms	Ping image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7131051075210&version=m202301230201&ct=76&x=1&cor=11428273821934920000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8DF4	83 KB 35 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvzhEJuIKHPQARFqcZF386elCUsbQKznhF1ibj9C59cRQRuzclMLSZPwXYST2JlRW2vQ1mqNTxv9MIZzMPe8E4ttLpzA&cry=1&dbm_d=AKAmf-BSVVWCsnmPLRSV21bYoOp_yIeBa0px76hTMIJss-o0uxJDeACjPpJXXEJfsQtUxsAXAFvh-4PJr80c7-fcoxCu6yzdBj0GgTgcut3IN_NmORskC9Rbd2R5x5CdKboxvbL9pLhBFHnqkALeDrpQEymZAvm9jcw9j8t8iEC9M92XXR1rJSLTgP2nOPLpahUbCQi9d6VN-nHAgbFp0hqfWHvJk2DRfVzJ1itVMMaaYHXDan9Oatjtq3z4LtnfwLOkXbMkSqmwe7PI3EhR6xWaO2njXOIr7qGsR3iVAuL49NyTWfsZbdtcdoufCyXGPiT6rTNwG7oGuW6olotOlI7-FxElsmSfDQK_ZOi-Ex2TZ8y54vh4RFslPk7jqRuhULvPQDe3ckxM3cAoycBBFqbstQ-LcXhJq0QVZIeVl9N4Ho-WtoUQzsnQ3lj5aEMHJFVb_x1O_io1tG9-QQ724FRohz1fA5LDcusgEfwk45F5WBZcOp29aBpu6MF1tTs4GK3w2HToDzKTXaMmaTFG7bSPO4BZ307yE0nQHyhuq_WBdQ-qw4rvIDvEOi96FV5S0NUAS4RkYSs_0lXcapSKRuzjpsdFEdFHF2RIFGItkm36pffjoKZzq_ZuzQ5zxWsb4HastWBybtwgkRiXgafrkv5Lg1EmnDuyvBoUN8TKJSgr_Q4AxpBlfMHveK3ytvCvO5SQ_eJup1_A4Wwfgi3vVrh0U0s-R9gT3Fhgea6z5pRDjH7V8PnqnYWcZ_VKjvo98BnrCGS5M3pBTGKrD9oT9iFlN5PR6xofUSfQEVjsRYy5nWtZmQxkpRfj5LkPCdGGTpqmPcXbZ1SoYwi_TrgCPGaR7TDss4mTPLBRjD6N94hVpaEo-enMyV-jy2hQIO1En-hcmqrG9pN5Ld2fWUD7gerLCobFD3bz5X_DQLhUIVI4uTc-dAVGFIvGQnB1bW8wVtpQ-GNTk8Ha_wlnVyFrzz2DOlwEZUaRTQlMcNPZNMl1hUSOTvSvNpCH5dAocRszAj0WGnU2bnJT45mhK-XTN7T7YGhB5-6K_9y38ZakmUt6Z773zOaSB9TrVUiXbLD9f08F7Iome97sH1RnrEHj4DBVaggNpXOxVR3-BSVNCwmIY6cKvPK8SLElkjwfqgEDo08fX35MRpnATtmDOfEY3ZZvkRFM7i9LU42ql25fD7FxUlRac7mHUOAvSub7GqOyB8BBQmSxfQCUxlsYeO4_YhOiMEaCqkaHiBeYsjsqiwuFHeGsIlnLIREMY3ZeNCA6EnCZosVFSkBMkKxaEJftLVYDH-3_78PYF-x_Sk4nPfEhnhzQxyfGFF7c6FvYbUtzEEXp6TXN5LNP0_Xg3xI3GddVkMdZkoG4Zyy_LejcM4Vh0BgT2IRsHUApeft0dgyJHBbyzOXgvtaZEim-fVKGBrMjHFCrXV3mgQLuIF83dJJHcrwwEzm7xpfHWMiJ-bWwtr3-T_lzGY9ce8mCQ45QLxxarrY9_QIS0PYtz1Ep3Tp_JnNCa-eJiz9p7zwtEBaqCLyuWWIO7r4slw8SvFf3STF5k32Ur-4G0xXQGIUu2mexyW7u6zenTccw-xaQ-v5LbaY6Z8-l1rVSstBRs8L8ZGuiq5uqeLbie2ltYXnbvahFyLwI7JyoSE6m79c4-lii5hftCNDXDqT90hn_xxYxZA-x0Nbyqb0eVYXcSi9DVCJ_tfWutP2mICzNl3GCBhoRAaceHPZffupuyMxL78fFS6vvfZFEtCjkrJJa8tUAF7nK4M4r5iV44Othg9EfUURQd3gAPpSA3hjYFw3j6F2XO7f4LwPo_2mnOWu750Czajyr77jDu1WHCynM9KSH8mk6CjA5Qk3tnTXFFNwzMYZZsd0oF4MJp19AqAMqlBIGT49kHpiHyc1qZ6cF70-yC5J5-PrK998FNpeLsvAmeibDfzclw8F3GdBMh2eM3JrXiM418Vm3GgybWhSTgOnsfgGrstVZbeHx9NqhWmwC9eLNtwfiiQ3Vi2CPNKBtZVV1meRO7J3aBMRAuhmR90V3AX3U0afhGh9UQfgj0_H74ztHr_E4Fy2JEkZIptqMufsBUzjIJb6EOCs2IVc5V0CAarQVsypYkKfW5v_5J5poX8b4c79NynyvVNZRSLB9FBqHtuZzbOkZ6e4wt0Kz9so1-KSEMyffFgDnTgkv0JrQmuu2WAhKNRsTdM5-42CrMYnndkVOc_YkL2TnrRlAk-yBq4ZLmfQgu-VaRD-sZJJt4DVyz_rVnYJBTPnBuWnSYzT7BzkKyXdGtK1YLbII8TiW6XNneJj-y2aMJ2jhxGity_7Y0sUYtzkDIrvYrVH8eD4CSoDi-7W1xI8ZQD57yIz-cxuE3-H9GGPaUf__lJDE5Nm8pSyULnAmQkGUck91isgfmidVUGPWJID2wS01GWe51vQ2sFIY155ddQdRtYau5NMcbm94vhxZEqUSnENltKb67SYV_aUjk4AJFZXrxHvJB3TJ129ZnPVLeOIHs1FTH5yoVsBy8JqRAwuG6CL22XeYwIsM88QkEfWpKniMxm9rL71s7pP-ixSNCspXxBc-nLiqKioQFnqCqLgVPelUHMUPcIhdrXuxnHadPYJgeqcOTtqZ-obL6F8VdVVFzGwiDQyM-4-NwFBOndy2AxU8TgYmhB1FJMG0GsVJxZxAJOuHAgEXwep9TxKVa5km54wjaDajfYBGkZ4VrbQhgCv9raKymb-8-ol8fEqcs-XAL6XyWsA1ETtg7kx38t7WJkh6Yaib2YojizYo7Po_RL9U5VWaWeawam8DGxvRiiYxGtctSpjxxjumLzb4JkW1UFouN9-TCB9SuOKtm2gK5OwRLV6q1Y9XzdvLM84hQKpflXZlQsHJxcUCqDhluvaAw2fUY4lWblGvb0GcOwcNwhnBZKGctU30FEZ_cFOKbqQcAAiA9Iy1-1I5d0zyZg8pt66m_nQfJroC8_dycU1VGdHxjLiOCJ5HP4Juul-fpufDlSLpvXv8Qc4yzlowc5zsgils7bBQRYP86LGjz3D30ryGPfzdLy643EREKBIXE1xPMV5ey5up_iivSWigucthklhGyyCBA49aoDrdBGcdDUW-TEJxb-IeeVvT83f01Sy86hQWKmCWtKGl5n1sglLwEKXWLdxpERjahVfTtNtOE-u8yaf_l183qQisLOql48l_mXq1K-aQwQmdG-HDsV5rgSorf5fy7b1keJkfWDJMlZY6LnsjqZzn8D4Il159IQdBBD13cz1TRNuXNR_UHE9OUQuNSrDEQRwTnjbLAhESHiK9Nfq0QW8GYUvvnRiGSyW4gur_pXjIJfnuCJDjElOu9d-A1rmy6JmdBkE4OCRGivfkn6DQDOpwhpns9fZb7OCEvD_AM7N46gIoib-34xrL&cid=CAQSTADUE5ymx9J_RthbzGpk3cgrAnaU1lIuQzA2p3ZGc65D9JofQI2VZGT6zlOC32v_Ix17eVWlw8PEOJ9ZyeapSJmAi9xy6oCQgtmeovgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.wtnzfox43.com%2F&ds=l&xdt=1&iif=1&cor=11428273821934920000&adk=250412560&idt=110&cac=0&dtd=6 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3d1701536d228615a1d8e25fbf9fb814c1d720d08d5b7b6a0a9f988f6a36465a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35479 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 8DF4	106 KB 37 KB	88ms 21ms	Script text/javascript	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Origin https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:10:48 GMT content-encoding gzip x-content-type-options nosniff age 9834 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 22 Feb 2023 23:10:48 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame 8DF4	8 KB 3 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvzhEJuIKHPQARFqcZF386elCUsbQKznhF1ibj9C59cRQRuzclMLSZPwXYST2JlRW2vQ1mqNTxv9MIZzMPe8E4ttLpzA&cry=1&dbm_d=AKAmf-BSVVWCsnmPLRSV21bYoOp_yIeBa0px76hTMIJss-o0uxJDeACjPpJXXEJfsQtUxsAXAFvh-4PJr80c7-fcoxCu6yzdBj0GgTgcut3IN_NmORskC9Rbd2R5x5CdKboxvbL9pLhBFHnqkALeDrpQEymZAvm9jcw9j8t8iEC9M92XXR1rJSLTgP2nOPLpahUbCQi9d6VN-nHAgbFp0hqfWHvJk2DRfVzJ1itVMMaaYHXDan9Oatjtq3z4LtnfwLOkXbMkSqmwe7PI3EhR6xWaO2njXOIr7qGsR3iVAuL49NyTWfsZbdtcdoufCyXGPiT6rTNwG7oGuW6olotOlI7-FxElsmSfDQK_ZOi-Ex2TZ8y54vh4RFslPk7jqRuhULvPQDe3ckxM3cAoycBBFqbstQ-LcXhJq0QVZIeVl9N4Ho-WtoUQzsnQ3lj5aEMHJFVb_x1O_io1tG9-QQ724FRohz1fA5LDcusgEfwk45F5WBZcOp29aBpu6MF1tTs4GK3w2HToDzKTXaMmaTFG7bSPO4BZ307yE0nQHyhuq_WBdQ-qw4rvIDvEOi96FV5S0NUAS4RkYSs_0lXcapSKRuzjpsdFEdFHF2RIFGItkm36pffjoKZzq_ZuzQ5zxWsb4HastWBybtwgkRiXgafrkv5Lg1EmnDuyvBoUN8TKJSgr_Q4AxpBlfMHveK3ytvCvO5SQ_eJup1_A4Wwfgi3vVrh0U0s-R9gT3Fhgea6z5pRDjH7V8PnqnYWcZ_VKjvo98BnrCGS5M3pBTGKrD9oT9iFlN5PR6xofUSfQEVjsRYy5nWtZmQxkpRfj5LkPCdGGTpqmPcXbZ1SoYwi_TrgCPGaR7TDss4mTPLBRjD6N94hVpaEo-enMyV-jy2hQIO1En-hcmqrG9pN5Ld2fWUD7gerLCobFD3bz5X_DQLhUIVI4uTc-dAVGFIvGQnB1bW8wVtpQ-GNTk8Ha_wlnVyFrzz2DOlwEZUaRTQlMcNPZNMl1hUSOTvSvNpCH5dAocRszAj0WGnU2bnJT45mhK-XTN7T7YGhB5-6K_9y38ZakmUt6Z773zOaSB9TrVUiXbLD9f08F7Iome97sH1RnrEHj4DBVaggNpXOxVR3-BSVNCwmIY6cKvPK8SLElkjwfqgEDo08fX35MRpnATtmDOfEY3ZZvkRFM7i9LU42ql25fD7FxUlRac7mHUOAvSub7GqOyB8BBQmSxfQCUxlsYeO4_YhOiMEaCqkaHiBeYsjsqiwuFHeGsIlnLIREMY3ZeNCA6EnCZosVFSkBMkKxaEJftLVYDH-3_78PYF-x_Sk4nPfEhnhzQxyfGFF7c6FvYbUtzEEXp6TXN5LNP0_Xg3xI3GddVkMdZkoG4Zyy_LejcM4Vh0BgT2IRsHUApeft0dgyJHBbyzOXgvtaZEim-fVKGBrMjHFCrXV3mgQLuIF83dJJHcrwwEzm7xpfHWMiJ-bWwtr3-T_lzGY9ce8mCQ45QLxxarrY9_QIS0PYtz1Ep3Tp_JnNCa-eJiz9p7zwtEBaqCLyuWWIO7r4slw8SvFf3STF5k32Ur-4G0xXQGIUu2mexyW7u6zenTccw-xaQ-v5LbaY6Z8-l1rVSstBRs8L8ZGuiq5uqeLbie2ltYXnbvahFyLwI7JyoSE6m79c4-lii5hftCNDXDqT90hn_xxYxZA-x0Nbyqb0eVYXcSi9DVCJ_tfWutP2mICzNl3GCBhoRAaceHPZffupuyMxL78fFS6vvfZFEtCjkrJJa8tUAF7nK4M4r5iV44Othg9EfUURQd3gAPpSA3hjYFw3j6F2XO7f4LwPo_2mnOWu750Czajyr77jDu1WHCynM9KSH8mk6CjA5Qk3tnTXFFNwzMYZZsd0oF4MJp19AqAMqlBIGT49kHpiHyc1qZ6cF70-yC5J5-PrK998FNpeLsvAmeibDfzclw8F3GdBMh2eM3JrXiM418Vm3GgybWhSTgOnsfgGrstVZbeHx9NqhWmwC9eLNtwfiiQ3Vi2CPNKBtZVV1meRO7J3aBMRAuhmR90V3AX3U0afhGh9UQfgj0_H74ztHr_E4Fy2JEkZIptqMufsBUzjIJb6EOCs2IVc5V0CAarQVsypYkKfW5v_5J5poX8b4c79NynyvVNZRSLB9FBqHtuZzbOkZ6e4wt0Kz9so1-KSEMyffFgDnTgkv0JrQmuu2WAhKNRsTdM5-42CrMYnndkVOc_YkL2TnrRlAk-yBq4ZLmfQgu-VaRD-sZJJt4DVyz_rVnYJBTPnBuWnSYzT7BzkKyXdGtK1YLbII8TiW6XNneJj-y2aMJ2jhxGity_7Y0sUYtzkDIrvYrVH8eD4CSoDi-7W1xI8ZQD57yIz-cxuE3-H9GGPaUf__lJDE5Nm8pSyULnAmQkGUck91isgfmidVUGPWJID2wS01GWe51vQ2sFIY155ddQdRtYau5NMcbm94vhxZEqUSnENltKb67SYV_aUjk4AJFZXrxHvJB3TJ129ZnPVLeOIHs1FTH5yoVsBy8JqRAwuG6CL22XeYwIsM88QkEfWpKniMxm9rL71s7pP-ixSNCspXxBc-nLiqKioQFnqCqLgVPelUHMUPcIhdrXuxnHadPYJgeqcOTtqZ-obL6F8VdVVFzGwiDQyM-4-NwFBOndy2AxU8TgYmhB1FJMG0GsVJxZxAJOuHAgEXwep9TxKVa5km54wjaDajfYBGkZ4VrbQhgCv9raKymb-8-ol8fEqcs-XAL6XyWsA1ETtg7kx38t7WJkh6Yaib2YojizYo7Po_RL9U5VWaWeawam8DGxvRiiYxGtctSpjxxjumLzb4JkW1UFouN9-TCB9SuOKtm2gK5OwRLV6q1Y9XzdvLM84hQKpflXZlQsHJxcUCqDhluvaAw2fUY4lWblGvb0GcOwcNwhnBZKGctU30FEZ_cFOKbqQcAAiA9Iy1-1I5d0zyZg8pt66m_nQfJroC8_dycU1VGdHxjLiOCJ5HP4Juul-fpufDlSLpvXv8Qc4yzlowc5zsgils7bBQRYP86LGjz3D30ryGPfzdLy643EREKBIXE1xPMV5ey5up_iivSWigucthklhGyyCBA49aoDrdBGcdDUW-TEJxb-IeeVvT83f01Sy86hQWKmCWtKGl5n1sglLwEKXWLdxpERjahVfTtNtOE-u8yaf_l183qQisLOql48l_mXq1K-aQwQmdG-HDsV5rgSorf5fy7b1keJkfWDJMlZY6LnsjqZzn8D4Il159IQdBBD13cz1TRNuXNR_UHE9OUQuNSrDEQRwTnjbLAhESHiK9Nfq0QW8GYUvvnRiGSyW4gur_pXjIJfnuCJDjElOu9d-A1rmy6JmdBkE4OCRGivfkn6DQDOpwhpns9fZb7OCEvD_AM7N46gIoib-34xrL&cid=CAQSTADUE5ymx9J_RthbzGpk3cgrAnaU1lIuQzA2p3ZGc65D9JofQI2VZGT6zlOC32v_Ix17eVWlw8PEOJ9ZyeapSJmAi9xy6oCQgtmeovgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.wtnzfox43.com%2F&ds=l&xdt=1&iif=1&cor=11428273821934920000&adk=250412560&idt=110&cac=0&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:11:08 GMT content-encoding br x-content-type-options nosniff age 9814 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2986 x-xss-protection 0 server cafe etag 3296546412363819624 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:11:08 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame 8DF4	28 KB 11 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvzhEJuIKHPQARFqcZF386elCUsbQKznhF1ibj9C59cRQRuzclMLSZPwXYST2JlRW2vQ1mqNTxv9MIZzMPe8E4ttLpzA&cry=1&dbm_d=AKAmf-BSVVWCsnmPLRSV21bYoOp_yIeBa0px76hTMIJss-o0uxJDeACjPpJXXEJfsQtUxsAXAFvh-4PJr80c7-fcoxCu6yzdBj0GgTgcut3IN_NmORskC9Rbd2R5x5CdKboxvbL9pLhBFHnqkALeDrpQEymZAvm9jcw9j8t8iEC9M92XXR1rJSLTgP2nOPLpahUbCQi9d6VN-nHAgbFp0hqfWHvJk2DRfVzJ1itVMMaaYHXDan9Oatjtq3z4LtnfwLOkXbMkSqmwe7PI3EhR6xWaO2njXOIr7qGsR3iVAuL49NyTWfsZbdtcdoufCyXGPiT6rTNwG7oGuW6olotOlI7-FxElsmSfDQK_ZOi-Ex2TZ8y54vh4RFslPk7jqRuhULvPQDe3ckxM3cAoycBBFqbstQ-LcXhJq0QVZIeVl9N4Ho-WtoUQzsnQ3lj5aEMHJFVb_x1O_io1tG9-QQ724FRohz1fA5LDcusgEfwk45F5WBZcOp29aBpu6MF1tTs4GK3w2HToDzKTXaMmaTFG7bSPO4BZ307yE0nQHyhuq_WBdQ-qw4rvIDvEOi96FV5S0NUAS4RkYSs_0lXcapSKRuzjpsdFEdFHF2RIFGItkm36pffjoKZzq_ZuzQ5zxWsb4HastWBybtwgkRiXgafrkv5Lg1EmnDuyvBoUN8TKJSgr_Q4AxpBlfMHveK3ytvCvO5SQ_eJup1_A4Wwfgi3vVrh0U0s-R9gT3Fhgea6z5pRDjH7V8PnqnYWcZ_VKjvo98BnrCGS5M3pBTGKrD9oT9iFlN5PR6xofUSfQEVjsRYy5nWtZmQxkpRfj5LkPCdGGTpqmPcXbZ1SoYwi_TrgCPGaR7TDss4mTPLBRjD6N94hVpaEo-enMyV-jy2hQIO1En-hcmqrG9pN5Ld2fWUD7gerLCobFD3bz5X_DQLhUIVI4uTc-dAVGFIvGQnB1bW8wVtpQ-GNTk8Ha_wlnVyFrzz2DOlwEZUaRTQlMcNPZNMl1hUSOTvSvNpCH5dAocRszAj0WGnU2bnJT45mhK-XTN7T7YGhB5-6K_9y38ZakmUt6Z773zOaSB9TrVUiXbLD9f08F7Iome97sH1RnrEHj4DBVaggNpXOxVR3-BSVNCwmIY6cKvPK8SLElkjwfqgEDo08fX35MRpnATtmDOfEY3ZZvkRFM7i9LU42ql25fD7FxUlRac7mHUOAvSub7GqOyB8BBQmSxfQCUxlsYeO4_YhOiMEaCqkaHiBeYsjsqiwuFHeGsIlnLIREMY3ZeNCA6EnCZosVFSkBMkKxaEJftLVYDH-3_78PYF-x_Sk4nPfEhnhzQxyfGFF7c6FvYbUtzEEXp6TXN5LNP0_Xg3xI3GddVkMdZkoG4Zyy_LejcM4Vh0BgT2IRsHUApeft0dgyJHBbyzOXgvtaZEim-fVKGBrMjHFCrXV3mgQLuIF83dJJHcrwwEzm7xpfHWMiJ-bWwtr3-T_lzGY9ce8mCQ45QLxxarrY9_QIS0PYtz1Ep3Tp_JnNCa-eJiz9p7zwtEBaqCLyuWWIO7r4slw8SvFf3STF5k32Ur-4G0xXQGIUu2mexyW7u6zenTccw-xaQ-v5LbaY6Z8-l1rVSstBRs8L8ZGuiq5uqeLbie2ltYXnbvahFyLwI7JyoSE6m79c4-lii5hftCNDXDqT90hn_xxYxZA-x0Nbyqb0eVYXcSi9DVCJ_tfWutP2mICzNl3GCBhoRAaceHPZffupuyMxL78fFS6vvfZFEtCjkrJJa8tUAF7nK4M4r5iV44Othg9EfUURQd3gAPpSA3hjYFw3j6F2XO7f4LwPo_2mnOWu750Czajyr77jDu1WHCynM9KSH8mk6CjA5Qk3tnTXFFNwzMYZZsd0oF4MJp19AqAMqlBIGT49kHpiHyc1qZ6cF70-yC5J5-PrK998FNpeLsvAmeibDfzclw8F3GdBMh2eM3JrXiM418Vm3GgybWhSTgOnsfgGrstVZbeHx9NqhWmwC9eLNtwfiiQ3Vi2CPNKBtZVV1meRO7J3aBMRAuhmR90V3AX3U0afhGh9UQfgj0_H74ztHr_E4Fy2JEkZIptqMufsBUzjIJb6EOCs2IVc5V0CAarQVsypYkKfW5v_5J5poX8b4c79NynyvVNZRSLB9FBqHtuZzbOkZ6e4wt0Kz9so1-KSEMyffFgDnTgkv0JrQmuu2WAhKNRsTdM5-42CrMYnndkVOc_YkL2TnrRlAk-yBq4ZLmfQgu-VaRD-sZJJt4DVyz_rVnYJBTPnBuWnSYzT7BzkKyXdGtK1YLbII8TiW6XNneJj-y2aMJ2jhxGity_7Y0sUYtzkDIrvYrVH8eD4CSoDi-7W1xI8ZQD57yIz-cxuE3-H9GGPaUf__lJDE5Nm8pSyULnAmQkGUck91isgfmidVUGPWJID2wS01GWe51vQ2sFIY155ddQdRtYau5NMcbm94vhxZEqUSnENltKb67SYV_aUjk4AJFZXrxHvJB3TJ129ZnPVLeOIHs1FTH5yoVsBy8JqRAwuG6CL22XeYwIsM88QkEfWpKniMxm9rL71s7pP-ixSNCspXxBc-nLiqKioQFnqCqLgVPelUHMUPcIhdrXuxnHadPYJgeqcOTtqZ-obL6F8VdVVFzGwiDQyM-4-NwFBOndy2AxU8TgYmhB1FJMG0GsVJxZxAJOuHAgEXwep9TxKVa5km54wjaDajfYBGkZ4VrbQhgCv9raKymb-8-ol8fEqcs-XAL6XyWsA1ETtg7kx38t7WJkh6Yaib2YojizYo7Po_RL9U5VWaWeawam8DGxvRiiYxGtctSpjxxjumLzb4JkW1UFouN9-TCB9SuOKtm2gK5OwRLV6q1Y9XzdvLM84hQKpflXZlQsHJxcUCqDhluvaAw2fUY4lWblGvb0GcOwcNwhnBZKGctU30FEZ_cFOKbqQcAAiA9Iy1-1I5d0zyZg8pt66m_nQfJroC8_dycU1VGdHxjLiOCJ5HP4Juul-fpufDlSLpvXv8Qc4yzlowc5zsgils7bBQRYP86LGjz3D30ryGPfzdLy643EREKBIXE1xPMV5ey5up_iivSWigucthklhGyyCBA49aoDrdBGcdDUW-TEJxb-IeeVvT83f01Sy86hQWKmCWtKGl5n1sglLwEKXWLdxpERjahVfTtNtOE-u8yaf_l183qQisLOql48l_mXq1K-aQwQmdG-HDsV5rgSorf5fy7b1keJkfWDJMlZY6LnsjqZzn8D4Il159IQdBBD13cz1TRNuXNR_UHE9OUQuNSrDEQRwTnjbLAhESHiK9Nfq0QW8GYUvvnRiGSyW4gur_pXjIJfnuCJDjElOu9d-A1rmy6JmdBkE4OCRGivfkn6DQDOpwhpns9fZb7OCEvD_AM7N46gIoib-34xrL&cid=CAQSTADUE5ymx9J_RthbzGpk3cgrAnaU1lIuQzA2p3ZGc65D9JofQI2VZGT6zlOC32v_Ix17eVWlw8PEOJ9ZyeapSJmAi9xy6oCQgtmeovgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.wtnzfox43.com%2F&ds=l&xdt=1&iif=1&cor=11428273821934920000&adk=250412560&idt=110&cac=0&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:13:46 GMT content-encoding br x-content-type-options nosniff age 9656 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10784 x-xss-protection 0 server cafe etag 15652644324719269315 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:13:46 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8DF4	41 KB 15 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 17:13:20 GMT content-encoding gzip x-content-type-options nosniff age 290482 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 Feb 2024 17:13:20 GMT
GET DATA	200 OK	truncated / Frame 8DF4	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a3a0ec55327f91e2b6df62c8656609a760d47c11682b5a34b0ea234b77de0fa3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H3	200	container.html Show response 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2170	6 KB 3 KB	22ms 22ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.wtnzfox43.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 01:54:41 GMT expires Thu, 22 Feb 2024 01:54:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H/1.1	200 OK	imp.php Show response trends.revcontent.com/	0 344 B	781ms 208ms	XHR text/html	54.201.4.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trends.revcontent.com/imp.php Requested by Host: cdn.revcontent.com URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.4.129 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-4-129.us-west-2.compute.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=931536000; includeSubDomains Request headers Accept */* Referer https://www.wtnzfox43.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers X-RC-Region us-west-2c Date Wed, 22 Feb 2023 01:54:43 GMT Strict-Transport-Security max-age=931536000; includeSubDomains Server openresty Content-Type text/html; charset=UTF-8 access-control-allow-origin https://www.wtnzfox43.com access-control-allow-credentials true Connection keep-alive Content-Length 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame D62F	22 KB 8 KB	24ms 23ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 290481 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 18 Feb 2023 17:13:21 GMT expires Sun, 18 Feb 2024 17:13:21 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 7BC8	640 B 265 B	44ms 42ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNW3L_wp_79vPo_Vb5TrSZRANyB4zU-zZPeXhHsnQLYhlrQExCVAu9p1LQmvjgwlX-B5h721Wey-1sWyAyKj7Q2LY5Q2Rm5DsoR6xr1ZM4xBEtMSaidkKoI1FBI9si4gw0RGfzBi7VYKiXUmFlN-teQkGr-KQGCWZTKi6b5oXirbzMq7Z0I Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 01:54:42 GMT expires Wed, 22 Feb 2023 01:54:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 2170	78 KB 27 KB	50ms 48ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27790 x-xss-protection 0 server cafe etag 3677590245327912432 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 22 Feb 2023 01:54:42 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2170	42 B 63 B	58ms 56ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHk590gKoFt8pbepUja_vKcOxiXitPZ7YPID5o3DZFtFwgr--bkq9YwHtgPidx9pcw00_osl7y5d1rmjMioGWOnuEmc5VlqkagZYlJFltBuAA6Bmo Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2170	0 20 B	58ms 57ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7334458504080570052&x=1&ct=77 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 2170	2 KB 3 KB	45ms 44ms	Script application/javascript	2a02:26f0:6c00::210:ba29 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985912&sid=18330&dvregion=0&unit=300x250 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 01:54:42 GMT X-GUploader-UploadID ADPycdtNtAjlYdrta-l3UqO7FDE-_iwXAjfeaJIoKxhbJdY-eR9FHPhh5_adX6s8buye_b84yVlklAZf9vx9b3Inf8t_6lQSbDxc x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity Connection keep-alive Content-Length 1922 Last-Modified Tue, 10 Jan 2023 11:02:09 GMT Server UploadServer x-goog-meta-previous-generation-number 1673253614982549 ETag "87b6182d03ee779aa68e37632f67656e" x-goog-generation 1673348529482061 Content-Type application/javascript x-goog-hash crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg== Cache-Control max-age=86400 x-goog-stored-content-length 1922 Accept-Ranges bytes x-goog-meta-pipeline-id 742670731 Expires Wed, 18 Jan 2023 13:56:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2170	3 KB 1 KB	26ms 24ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:21:56 GMT content-encoding br x-content-type-options nosniff age 9166 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:21:56 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2170	20 KB 8 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:21:55 GMT content-encoding br x-content-type-options nosniff age 9167 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8274 x-xss-protection 0 server cafe etag 9471482037410804447 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:21:55 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2170	157 KB 48 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49018 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1676996822105882" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 01:54:42 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/9207762793243928649/ Frame BE18	4 KB 1 KB	72ms 21ms	Document text/html	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 655e5b473b56dfeae0671352351b2567724004e928001ed7144992a045ea8a8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 491580 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 1283 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 16 Feb 2023 09:21:42 GMT expires Fri, 16 Feb 2024 09:21:42 GMT last-modified Tue, 14 Feb 2023 14:28:33 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8DF4	0 0	150ms 70ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5UFhDOjRLM7xHuD0U17sPPDn4h8j3xZpXQXOCY1DnIeJnEnFc0AmR-grFvbSkZvQf_ap0XZMPj2vHJbcmDxdOHYVOpvTk2bTjKveCRA4OSeACjBHLaXDSmH7-wlxgFfk0szOlJmPM4pAA6irmn-QxqtlA8nwEdUFf50BxpeNLFe4H3PUQbZiualkOE60Q89BmdZn6rd55RbDhSIqrsy0FpHMMTyUJFyWsLfjGOoNDloqbVa7MSAc0UXU-16b6fgvkz_3iYgtfe6ykA894DFoyNlUK8OFRu3oI9eUig7Fji80Kotslo3064iVksyJDxfYZhClWDWxITFHPZbQEb9HsthyefC0Uwoa4_98DEHcV2zQrmB2c_gU3TdaBWoGTuJDfLN-a2_L4kzEvbNIPXrWj6wlVSnA2Zm7q3NgXdKfMZs6iCIMZlWsqhuh-SjMr2snaVrkQzCZklb9NQupwnQqEhBpdKsneNB4xXl0VGFKNywMY0MxkqLeBm4klyHivyGTZLO7nWu0rYfDThf7vZgS6twBlzF0k3iMkKG_-fTtXcOk5ba-Qc6sNPWEZkZPAkyb6rACmQBM0bQWpR1crAHQLQrcZwxa2hQdwpv74wKvXNCSl3qp4-eTAYGGga5DsVbQag2Diaq7JVg2H9SWiLq-EvJSZw-PRKxntjFOQKh4ihgDCWVFUTSJP07_034AjuuRdRmN2vI0HqD6wVI84o2u_J-ZiXjN9FVoabP7BEy6OIvmJG4PU-Djka1iS0wNnLVKAzsSx-RXgIxovWJrFQmnaj14BFZKxBOiOEEhhT4Mi0VQXUlNdUSI7K_F3FJfswX7aDmDvg5-hv2_A4XR8UUGw52qi4bZByYlBoWD5Cra4AOvuC8JpkFOjCl3xIyyU3JkdAh66GP1uYKAHXMJcG-Cg3OWcI1aJALCAJESfwLcrhnOlwRfl0c1YAEyTWAwRwDXL5K0W2f-6q6CLqc36l1mNrL726DBYL_xGE_bIGM5IuFoLUwvgJwcqBXyVUnJZukieTJM0MXAGNv7uUUXX7hSLUs4BlFaimlT08eYl73f_pa8N0DCkqiafmqEHsWa1_0xpLxMiz2-pS9Yo9xX-QQUjZt4GRoDMUFgMszU7TUSBvBH4gslvoCtu7xSEOwszTrM0T1NoeLAJU8R0YWU09Him7voEexXwqbXZMs6WbtidQzqlzjswu6PFHkWevcE9DRy3GU0cOcCzLlo5rwNqovUOOLETm8Le8emTqEfn6DAXatRvse5UdcVfc6Rc_ICtI93bu2LZBGWti7PMa9eU7dvzjwtxRvdDLoo&sai=AMfl-YQMdWQIWisEougwvTXhsaNb74S4-nWE0lpbIgWzNnHWQgx9SJ-ctq60gBsRKktaRCKBGQjV3YkX5fs5OAziQXm9eY6EGBQYU9bg4yUj9pPUW_F8W1B6RiqfG8gTPWWju0haCtvka_FW2opwsg48TGiBGCeQYuTWZVtRgD-ieNx_MjwqsCiWZLVujhBWSG5OnN0M8dsI4M8Mjk7qY_FQilUMsqPKbQ_rcLvA9cuIUCBb_2gJV2KV_p04_u6Pbq4GXftjlU0P7sbbsnzkHhrgf6IIpWDT1tLdjonu&sig=Cg0ArKJSzBr2nvpzxvwLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=143&cisv=r20230216.25295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:42 GMT
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame 8DF4	43 B 1 KB	125ms 30ms	Image image/gif	85.14.248.71 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=8&extPu=72950-dcm&extLi=29413838&extCr=186754252&extPm=359829049 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Wed, 22 Feb 2023 01:54:41 GMT X-Content-Type-Options nosniff P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" cross-origin-resource-policy cross-origin Connection close X-ET-Monitoring 1 Content-Length 43 X-Xss-Protection 0 Pragma no-cache Last-Modified Mi, 22 Feb 2023 01:54:42 GMT X-ET-Code 0 Accept-CH sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64 Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1605 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response pagead2.googlesyndication.com/bg/ Frame D62F	36 KB 14 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 20:13:52 GMT content-encoding br x-content-type-options nosniff age 20450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14287 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 21 Feb 2024 20:13:52 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 7BC8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4FEq6XnLxQmmCFOHfQCOc&google_cver=1	43 B 114 B	55ms 34ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4FEq6XnLxQmmCFOHfQCOc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNW3L_wp_79vPo_Vb5TrSZRANyB4zU-zZPeXhHsnQLYhlrQExCVAu9p1LQmvjgwlX-B5h721Wey-1sWyAyKj7Q2LY5Q2Rm5DsoR6xr1ZM4xBEtMSaidkKoI1FBI9si4gw0RGfzBi7VYKiXUmFlN-teQkGr-KQGCWZTKi6b5oXirbzMq7Z0I Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4FEq6XnLxQmmCFOHfQCOc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cm us-u.openx.net/w/1.0/ Frame 7BC8	43 B 304 B	88ms 32ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNW3L_wp_79vPo_Vb5TrSZRANyB4zU-zZPeXhHsnQLYhlrQExCVAu9p1LQmvjgwlX-B5h721Wey-1sWyAyKj7Q2LY5Q2Rm5DsoR6xr1ZM4xBEtMSaidkKoI1FBI9si4gw0RGfzBi7VYKiXUmFlN-teQkGr-KQGCWZTKi6b5oXirbzMq7Z0I Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 7BC8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESELp3p9mdR6G3JihwUP6iO2s&google_cver=1	23 B 172 B	112ms 60ms	Image image/gif	104.111.217.42 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESELp3p9mdR6G3JihwUP6iO2s&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNW3L_wp_79vPo_Vb5TrSZRANyB4zU-zZPeXhHsnQLYhlrQExCVAu9p1LQmvjgwlX-B5h721Wey-1sWyAyKj7Q2LY5Q2Rm5DsoR6xr1ZM4xBEtMSaidkKoI1FBI9si4gw0RGfzBi7VYKiXUmFlN-teQkGr-KQGCWZTKi6b5oXirbzMq7Z0I Protocol H2 Server 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-217-42.deploy.static.akamaitechnologies.com Software akka-http/10.2.9 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers expires Wed, 22 Feb 2023 01:54:42 GMT pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.9 content-length 23 content-type image/gif Redirect headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um?eid=3&uid=CAESELp3p9mdR6G3JihwUP6iO2s&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 7BC8	23 B 172 B	150ms 59ms	Image image/gif	104.111.217.42 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNW3L_wp_79vPo_Vb5TrSZRANyB4zU-zZPeXhHsnQLYhlrQExCVAu9p1LQmvjgwlX-B5h721Wey-1sWyAyKj7Q2LY5Q2Rm5DsoR6xr1ZM4xBEtMSaidkKoI1FBI9si4gw0RGfzBi7VYKiXUmFlN-teQkGr-KQGCWZTKi6b5oXirbzMq7Z0I Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-217-42.deploy.static.akamaitechnologies.com Software akka-http/10.2.9 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers expires Wed, 22 Feb 2023 01:54:42 GMT pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.9 content-length 23 content-type image/gif
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2170	0 20 B	56ms 56ms	Ping image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1856355513921&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2170	0 20 B	55ms 55ms	Ping image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1856355513921&version=m202301230201&ct=77&x=1&cor=7334458504080570000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 2170	15 KB 11 KB	53ms 52ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Agu3LIqFH9y7uGH5lNwdPqTzO2T_xRQCWygmJJR5Vt9GF0CholrJPJTViil4Otij5Xx7Bke3MmneObpQoHwPvcZ7JYN3xd-o7g-Db-FhkRpRac2Jp9fw_dfoUJzGkQOt917AsO39Y4GdjS8ksEcJ2_toadjD10WxLbxR4SJLq-gJMHZnY&cry=1&dbm_d=AKAmf-D7TSVSeGzmJ_D7W8llxZqYYdHjvLXwlRykbNn-ZmDmwl9DWS6AswltwBduOcYot0c8wTInvym3KoljFNw3sW3-87MlCoTARw5o-R6g7dqXZB-O6MsH1nYV1EMXkzUKeI8lyywQhSTOEycKNrsqLtRKsID_39gEuJ0uPW4XG0mMNxPVqqk78duwDq8gFO5cQEypwZzc_fJ4Zq-2fyNLq12PD9cXrH70L1B7S2KKciAqytPJcRb2Rjf3F5Vn8pbFf39rS_dRFZFYZjCG04GtvGUYRX7G9otQSVbgrIPhNSkFhhTJ5_7wg8pJQhmcb1oKPPD0whWvTa_eeIBr1FmvAr99mxdBzEzHlQtRhBoSenYor5XsyKa9oNZOpktZ95ADoAbGkt4gJDXOeF_o6r-sJu-KKjii1Jozmzx_YnqniZlkBHsLyeaVeyMbFO8u-XMpFDq7TCSebDPLURmt8SUxTT7vO1dSFeRd-vgJiQMW4u6f1-hhjL4LYXuMFy8i88A-vOh2EuxAAov_u6b7pDSyDl8tryJGf3ikwaTODtaHvi8fjDP8eEhiYT_DRu_ePI5KySoQMlv4zfauF1xzjwY8VdBGqL78GEHn0w6TqyPtNgXmdX2OYNWu4nSDsUO3DXO3thC6xldwltxtt4GHY5gvI_5MhhPsjIzT3TGgNbXV-8SKZi6n8hWA9JEO5_5G-OOIBthSDO-kWXUQw-sGrzT_yT0RrU-oc3KuBYafFcsed0bUbAiJ2SXe6cFAOpWSkXIOjYIxy69ZBrz1WPCmDslCmor6-1XouHfU-aOs18RAreoIIevhPQQAKGPByFgzfue3MaSj3s9Onc63xPjLPTAJdKhj9cnARcTWvSIasOQPtV1oupIwXPfYYBKXK1XEff-o06jdVvUvRyXxjL-Hm2WRZyMc_U9bwTSfe2npM7ec4gjKe0Vts2UQOYDbNgOPWguceDaF2S3dnyuQZad_2SEbxVd8l1fG6et5BcAaayw6fVauR904iyfaMb36h2wKnU8HipQCW-8EPtl1bMET3ULD8eKavhzvEs5D2SkWA_Svzxnv9fgnHdBbEGBT2eNkOzbpNOl6jLkrdyKB7VFfvdSax-3LrZrZeE8WJYCcEuHiDQnhnylYMZgWpOsVwOR_xxo9AeDu7DyIyjV3ktoJoFvnsMmpRJtahJMhubMVI04dEiYzEPW5MCVAU207FM5E7_DfNzd6bckPv0RTbSXx7XXNt6tgJ0AeMYVdAXHgnqoYD-PDWnz9uh76-DzwSDArZeOOxkWoo_u8lUP5UD_KN8b9C4wppWCY1vh5fkcpI6vtOlh2muk_ek7n7vhZsgcqBmoevjuUoG2P1dA2wZw5lDAHCRU14Jh9OKza0OxUnZIGk-xOela3uw-6ZS77P9vV340_vW-u42Me-MKbduBkawkMppfuAiGCE0PIWX4A5KAT8-yond2A1n-urxJMvzoO7ZIWjO5vHi1vsXZaHa0ynx4nR3-c19QdOzuxL4sB93ygfKtsS3VCXwQ4Z676zLXW7z2fdGxMQNSB-6XzOH_T7A4EsCyHb3HI9n0nqSMuxSXG85rtYOSHfex7FIZ7ecesPbyEP-Y9REvNMelfVJN06IKTJdwg1xuIYRsGaWGeqMJTShiRYAXOyfA4FOMZmVWaW5hprAKmV9wdLV2HksvQB8T_GUgLHUD2AArvvJHiqvsD2rSPxGD2GUPkDGYQrPhaxx7HNPLQEyvfMxqKU9EG2zstW8vzo8I7hWyxON_EtMZZZU7xbLQzWYL00VtIulj_tNaw1Kvaz78MLIdayoG364w6RO0Zpuk35wRXtwGKrN5m5iUYXY_sB-ngsfiRhAp6OGIoWy1ifA4deEGrwYr4dQS0Vfc9l40s8TbIY5EgQCnI3pcKXoYhTf5QRSH2qUXwHdpEFEysCaxIR-1LE8pP23FpMRfio3Uh6JqwGOwPt1mbkjbCs437g3JEykrIOnfE6OmVGjeUX46gMRJ9eRvjDdsxJhzK1FfOD2aoOZqqvgZA9WX2phLhZrudjv0FKSjrt2QNhhuvnsBRx6tbdEnGBZsd0lItWN1QI1fWkLHIcLMLPtWXg3M4vEBhLL0dURWvz4oP5SZCVKbN6wO-h9NkqHEqo43fGyGGEe3gwuJEQVo_bzYsglZgrFGBll0G4GE5Xrfq4gK8ZVYCj2WiohNo8npDs6YleZDM95-6lCIm8hBXDytJl1lImvMyiiBkB0dIZiTV40qJUZgfrbd9voyKNffZTTZ4aXpLX6yXfo0maJl33t5-cBnY91vY-HfymlLBpVlDV1GT1gAS3ELwvSJL74CRICjh6HhyDkgS5mYzcCosUaiN5ZvPL91DvS2F2WAcY_4Rt1XJuNXKFXazc4x8RSvNm8CufPzRgEIWKAsSJ1qazEOctPCLkTY8lyo-AnPwCa8Gs-Nn24rrv7wQXjpxgZePKbhZNNBIdIfv07ZKU-AbxRNnt5Wyl3h_nxmmw2-eyOC7FdZID8140FPj-5ijoDb3_-9db-DJyb5dORKnTStXdELK0ENBc_VKg5f1IT_PpTHLnPUHdUr39izzL5_9D-N7coCYZmxcdJsodIl5wVOCiINGdiVHczg633O_Nb96IhmFC895D-9DrS9E0RJuyI-BfysLkvXLHAx0RJZ5h6_KBi4_fZogKq30-4Yv0qx5aCrp0b0TP7_EfHAd9-IxCxIPHNQC7dI90KLeKJkn_cIVzPpd8NpIlXJSXekcwIWp7eycVWxb14dvQ1YjVKDgqsZFHhgju16QYrO1h9RF6mIbFOcXLWKNqin9eNG-UyfnTQUYJKCY5oakyNn-cwy4qH_LQb26CIJbhW9flatQsBTpsGIiAb82B10Vi3QtqRDDZiLoAOsltSpwPsKwBjjX15nmxTjrPF4RpdzgyF1jv6NPXgsM5GQ2b2CTM3RAmhL1ZKZ6TeoOMpgAdTT17UtrxeLtCd6cJYqK-prEEwfH6hbhW_nSSoNSuBytvQ5KCwi2IGtk2oe03XWTp1YtVm7icxS1UGGroOnSk4-VNjQfUVrCzbuAwAjXa_I1U3ycPDolgMXf7Tk4e-ZhvkCIK60cvCUJ5geLb-JqSNpAWO0l7bsFX1p55RazR65HXAZRx8jBELY1viqOpJfmBzLToZ_DQhtcrcH4nZx_23CouLcQ2e4zaWDFu4GLfokoPS_JFHKUZZTz23fArocs7cd0FqDSZif5Z-9d-3eq3Palqr9AHxfCVU8_ex77fi1sEXrPMqSG-bdCLji1s03VVWh_Rx6ZwpyuQjVkfwN-s2xUXNdr3mmfVDD0ajn3Itxatb6aCaKQ4lCYlPTsHq-azDLiIeJ6MnJG8aUJu1bf_eoM_7SzNk-DgBmh0uneqg4GgrCQ8wrbaCFMMzODS4CYdFgcBavDmP5vi2vi_ZH4B04VoqsXeJA5SxeIfiMMRD3gbYTskfGQd_wNJpvPfKvHV3EYLwLFWkK_bYUEuVS_gqlEzQCv_XWstcE2x2JmYllaR0XQRwvMWD-bxrjSmmDAP6dgvolqd_UZguPHjA7l-OnyrZbZV8TGF9KbXN7-CcI&cid=CAQSSwDUE5ymbDRv09ZAnfc78MnrpIikAB6LLwmCKxC9gdfj57E44eQO7_a7iOedtJf0Qea_l9VqosDYOP40zlpJtbEIQ3HAxs8yIozbBhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.wtnzfox43.com%2F&ds=l&xdt=1&iif=1&cor=7334458504080570000&adk=1964084972&idt=59&cac=0&dtd=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b0d7bd86db871f5921dfedddd35ddb51f35c1ea6f065ee7403b4b380a1e9f716 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11300 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	style.css s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/ Frame BE18	1 KB 440 B	21ms 20ms	Stylesheet text/css	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f955476d563626d86409c767e00a293f35f44a13f01bbef3714e98ecca3297f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 15:20:15 GMT content-encoding gzip x-content-type-options nosniff age 556467 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 411 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 15 Feb 2024 15:20:15 GMT
GET H2	200	TweenMax.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame BE18	113 KB 33 KB	25ms 24ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1595382 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33534 last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-1c274" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEKxxEurqO%2BRobfwe4UU2L12Suv3g5FzFuxvwCHxVw8xH6AfBlZTbTyY639egOjnAMp59c%2Bhl4Ee4Gwx37IzTFkHjZLwd1nvzLznoBDr0VJwMX1wes5q0MrHslCSnrr2knDmrTwjpyWmPIuuEieuNqcf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79d418680f799186-FRA expires Mon, 12 Feb 2024 01:54:42 GMT
GET H3	200	main.js Show response s0.2mdn.net/sadbundle/9207762793243928649/javascripts/ Frame BE18	1 KB 617 B	23ms 22ms	Script application/x-javascript	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/javascripts/main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2d70609598b7cf3a867cd2ead73fbc9ceb066917710ea84063c8b6cba1be77d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 05:12:26 GMT content-encoding gzip x-content-type-options nosniff age 506536 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 588 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 16 Feb 2024 05:12:26 GMT
GET H3	200	stream.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	77 KB 77 KB	22ms 21ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/stream.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f2f2d1337fbdd766512a892838bec4bc8ae5e554e4da39edc4ba010e1781d73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 09:39:58 GMT x-content-type-options nosniff age 576884 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78506 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 15 Feb 2024 09:39:58 GMT
GET H3	200	bumper.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	8 KB 8 KB	38ms 37ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/bumper.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e9080973b7b67731277a287ec29881011276f137fdfa31d3373d6453ba06e19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 12:27:01 GMT x-content-type-options nosniff age 566861 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8501 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 15 Feb 2024 12:27:01 GMT
GET H3	200	cta.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	4 KB 4 KB	42ms 41ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53949acc8dca79d4f2aa38c39b49ad67b1861c82e922dedae62fa2b7b0df60bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 11:12:17 GMT x-content-type-options nosniff age 484945 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3700 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 16 Feb 2024 11:12:17 GMT
GET H3	200	logo.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	7 KB 7 KB	25ms 24ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ebfe3e7b3928287639c14da1b67ec98f510b81432722f6e4ee3bfeaa46a6d142 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 09:39:58 GMT x-content-type-options nosniff age 576884 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6982 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 15 Feb 2024 09:39:58 GMT
GET H3	200	product.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	14 KB 14 KB	26ms 25ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/product.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bf1b5d4bde00aa6bd9196984247e8fd8c8e6c8e2d9e767108010abff91adba64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 12:28:24 GMT x-content-type-options nosniff age 566778 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14390 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 15 Feb 2024 12:28:24 GMT
GET H3	200	push1_a.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	3 KB 3 KB	35ms 34ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/push1_a.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 03e9b90c884bcd673dde14899034ff99c611097c4c9a82141bb33fd3d499c88f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 09:00:16 GMT x-content-type-options nosniff age 492866 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3338 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 16 Feb 2024 09:00:16 GMT
GET H3	200	push1_b.png s0.2mdn.net/sadbundle/9207762793243928649/images/ Frame BE18	3 KB 3 KB	43ms 42ms	Image image/png	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9207762793243928649/images/push1_b.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 614374ff47bcad3b38fd4cb829ca64da41a9d450e0704c07e3ceca914f107932 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9207762793243928649/stylesheets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 09:24:38 GMT x-content-type-options nosniff age 491404 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3181 x-xss-protection 0 last-modified Tue, 14 Feb 2023 14:28:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 16 Feb 2024 09:24:38 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2170	41 KB 15 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Agu3LIqFH9y7uGH5lNwdPqTzO2T_xRQCWygmJJR5Vt9GF0CholrJPJTViil4Otij5Xx7Bke3MmneObpQoHwPvcZ7JYN3xd-o7g-Db-FhkRpRac2Jp9fw_dfoUJzGkQOt917AsO39Y4GdjS8ksEcJ2_toadjD10WxLbxR4SJLq-gJMHZnY&cry=1&dbm_d=AKAmf-D7TSVSeGzmJ_D7W8llxZqYYdHjvLXwlRykbNn-ZmDmwl9DWS6AswltwBduOcYot0c8wTInvym3KoljFNw3sW3-87MlCoTARw5o-R6g7dqXZB-O6MsH1nYV1EMXkzUKeI8lyywQhSTOEycKNrsqLtRKsID_39gEuJ0uPW4XG0mMNxPVqqk78duwDq8gFO5cQEypwZzc_fJ4Zq-2fyNLq12PD9cXrH70L1B7S2KKciAqytPJcRb2Rjf3F5Vn8pbFf39rS_dRFZFYZjCG04GtvGUYRX7G9otQSVbgrIPhNSkFhhTJ5_7wg8pJQhmcb1oKPPD0whWvTa_eeIBr1FmvAr99mxdBzEzHlQtRhBoSenYor5XsyKa9oNZOpktZ95ADoAbGkt4gJDXOeF_o6r-sJu-KKjii1Jozmzx_YnqniZlkBHsLyeaVeyMbFO8u-XMpFDq7TCSebDPLURmt8SUxTT7vO1dSFeRd-vgJiQMW4u6f1-hhjL4LYXuMFy8i88A-vOh2EuxAAov_u6b7pDSyDl8tryJGf3ikwaTODtaHvi8fjDP8eEhiYT_DRu_ePI5KySoQMlv4zfauF1xzjwY8VdBGqL78GEHn0w6TqyPtNgXmdX2OYNWu4nSDsUO3DXO3thC6xldwltxtt4GHY5gvI_5MhhPsjIzT3TGgNbXV-8SKZi6n8hWA9JEO5_5G-OOIBthSDO-kWXUQw-sGrzT_yT0RrU-oc3KuBYafFcsed0bUbAiJ2SXe6cFAOpWSkXIOjYIxy69ZBrz1WPCmDslCmor6-1XouHfU-aOs18RAreoIIevhPQQAKGPByFgzfue3MaSj3s9Onc63xPjLPTAJdKhj9cnARcTWvSIasOQPtV1oupIwXPfYYBKXK1XEff-o06jdVvUvRyXxjL-Hm2WRZyMc_U9bwTSfe2npM7ec4gjKe0Vts2UQOYDbNgOPWguceDaF2S3dnyuQZad_2SEbxVd8l1fG6et5BcAaayw6fVauR904iyfaMb36h2wKnU8HipQCW-8EPtl1bMET3ULD8eKavhzvEs5D2SkWA_Svzxnv9fgnHdBbEGBT2eNkOzbpNOl6jLkrdyKB7VFfvdSax-3LrZrZeE8WJYCcEuHiDQnhnylYMZgWpOsVwOR_xxo9AeDu7DyIyjV3ktoJoFvnsMmpRJtahJMhubMVI04dEiYzEPW5MCVAU207FM5E7_DfNzd6bckPv0RTbSXx7XXNt6tgJ0AeMYVdAXHgnqoYD-PDWnz9uh76-DzwSDArZeOOxkWoo_u8lUP5UD_KN8b9C4wppWCY1vh5fkcpI6vtOlh2muk_ek7n7vhZsgcqBmoevjuUoG2P1dA2wZw5lDAHCRU14Jh9OKza0OxUnZIGk-xOela3uw-6ZS77P9vV340_vW-u42Me-MKbduBkawkMppfuAiGCE0PIWX4A5KAT8-yond2A1n-urxJMvzoO7ZIWjO5vHi1vsXZaHa0ynx4nR3-c19QdOzuxL4sB93ygfKtsS3VCXwQ4Z676zLXW7z2fdGxMQNSB-6XzOH_T7A4EsCyHb3HI9n0nqSMuxSXG85rtYOSHfex7FIZ7ecesPbyEP-Y9REvNMelfVJN06IKTJdwg1xuIYRsGaWGeqMJTShiRYAXOyfA4FOMZmVWaW5hprAKmV9wdLV2HksvQB8T_GUgLHUD2AArvvJHiqvsD2rSPxGD2GUPkDGYQrPhaxx7HNPLQEyvfMxqKU9EG2zstW8vzo8I7hWyxON_EtMZZZU7xbLQzWYL00VtIulj_tNaw1Kvaz78MLIdayoG364w6RO0Zpuk35wRXtwGKrN5m5iUYXY_sB-ngsfiRhAp6OGIoWy1ifA4deEGrwYr4dQS0Vfc9l40s8TbIY5EgQCnI3pcKXoYhTf5QRSH2qUXwHdpEFEysCaxIR-1LE8pP23FpMRfio3Uh6JqwGOwPt1mbkjbCs437g3JEykrIOnfE6OmVGjeUX46gMRJ9eRvjDdsxJhzK1FfOD2aoOZqqvgZA9WX2phLhZrudjv0FKSjrt2QNhhuvnsBRx6tbdEnGBZsd0lItWN1QI1fWkLHIcLMLPtWXg3M4vEBhLL0dURWvz4oP5SZCVKbN6wO-h9NkqHEqo43fGyGGEe3gwuJEQVo_bzYsglZgrFGBll0G4GE5Xrfq4gK8ZVYCj2WiohNo8npDs6YleZDM95-6lCIm8hBXDytJl1lImvMyiiBkB0dIZiTV40qJUZgfrbd9voyKNffZTTZ4aXpLX6yXfo0maJl33t5-cBnY91vY-HfymlLBpVlDV1GT1gAS3ELwvSJL74CRICjh6HhyDkgS5mYzcCosUaiN5ZvPL91DvS2F2WAcY_4Rt1XJuNXKFXazc4x8RSvNm8CufPzRgEIWKAsSJ1qazEOctPCLkTY8lyo-AnPwCa8Gs-Nn24rrv7wQXjpxgZePKbhZNNBIdIfv07ZKU-AbxRNnt5Wyl3h_nxmmw2-eyOC7FdZID8140FPj-5ijoDb3_-9db-DJyb5dORKnTStXdELK0ENBc_VKg5f1IT_PpTHLnPUHdUr39izzL5_9D-N7coCYZmxcdJsodIl5wVOCiINGdiVHczg633O_Nb96IhmFC895D-9DrS9E0RJuyI-BfysLkvXLHAx0RJZ5h6_KBi4_fZogKq30-4Yv0qx5aCrp0b0TP7_EfHAd9-IxCxIPHNQC7dI90KLeKJkn_cIVzPpd8NpIlXJSXekcwIWp7eycVWxb14dvQ1YjVKDgqsZFHhgju16QYrO1h9RF6mIbFOcXLWKNqin9eNG-UyfnTQUYJKCY5oakyNn-cwy4qH_LQb26CIJbhW9flatQsBTpsGIiAb82B10Vi3QtqRDDZiLoAOsltSpwPsKwBjjX15nmxTjrPF4RpdzgyF1jv6NPXgsM5GQ2b2CTM3RAmhL1ZKZ6TeoOMpgAdTT17UtrxeLtCd6cJYqK-prEEwfH6hbhW_nSSoNSuBytvQ5KCwi2IGtk2oe03XWTp1YtVm7icxS1UGGroOnSk4-VNjQfUVrCzbuAwAjXa_I1U3ycPDolgMXf7Tk4e-ZhvkCIK60cvCUJ5geLb-JqSNpAWO0l7bsFX1p55RazR65HXAZRx8jBELY1viqOpJfmBzLToZ_DQhtcrcH4nZx_23CouLcQ2e4zaWDFu4GLfokoPS_JFHKUZZTz23fArocs7cd0FqDSZif5Z-9d-3eq3Palqr9AHxfCVU8_ex77fi1sEXrPMqSG-bdCLji1s03VVWh_Rx6ZwpyuQjVkfwN-s2xUXNdr3mmfVDD0ajn3Itxatb6aCaKQ4lCYlPTsHq-azDLiIeJ6MnJG8aUJu1bf_eoM_7SzNk-DgBmh0uneqg4GgrCQ8wrbaCFMMzODS4CYdFgcBavDmP5vi2vi_ZH4B04VoqsXeJA5SxeIfiMMRD3gbYTskfGQd_wNJpvPfKvHV3EYLwLFWkK_bYUEuVS_gqlEzQCv_XWstcE2x2JmYllaR0XQRwvMWD-bxrjSmmDAP6dgvolqd_UZguPHjA7l-OnyrZbZV8TGF9KbXN7-CcI&cid=CAQSSwDUE5ymbDRv09ZAnfc78MnrpIikAB6LLwmCKxC9gdfj57E44eQO7_a7iOedtJf0Qea_l9VqosDYOP40zlpJtbEIQ3HAxs8yIozbBhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.wtnzfox43.com%2F&ds=l&xdt=1&iif=1&cor=7334458504080570000&adk=1964084972&idt=59&cac=0&dtd=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Sat, 18 Feb 2023 17:13:20 GMT content-encoding gzip x-content-type-options nosniff age 290482 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 Feb 2024 17:13:20 GMT
GET H/1.1	200 OK	dvbs_src_internal117.js Show response cdn.doubleverify.com/ Frame 2170	57 KB 19 KB	46ms 45ms	Script application/javascript	2a02:26f0:6c00::210:ba29 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal117.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985912&sid=18330&dvregion=0&unit=300x250 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 01:54:42 GMT Content-Encoding gzip Last-Modified Tue, 10 Jan 2023 11:00:18 GMT Server Microsoft-IIS/10.0 ETag "0cda5b9e224d91:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 18840
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 5AF7	22 KB 8 KB	22ms 21ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 290481 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 18 Feb 2023 17:13:21 GMT expires Sun, 18 Feb 2024 17:13:21 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8DF4	0 0	60ms 60ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5UFhDOjRLM7xHuD0U17sPPDn4h8j3xZpXQXOCY1DnIeJnEnFc0AmR-grFvbSkZvQf_ap0XZMPj2vHJbcmDxdOHYVOpvTk2bTjKveCRA4OSeACjBHLaXDSmH7-wlxgFfk0szOlJmPM4pAA6irmn-QxqtlA8nwEdUFf50BxpeNLFe4H3PUQbZiualkOE60Q89BmdZn6rd55RbDhSIqrsy0FpHMMTyUJFyWsLfjGOoNDloqbVa7MSAc0UXU-16b6fgvkz_3iYgtfe6ykA894DFoyNlUK8OFRu3oI9eUig7Fji80Kotslo3064iVksyJDxfYZhClWDWxITFHPZbQEb9HsthyefC0Uwoa4_98DEHcV2zQrmB2c_gU3TdaBWoGTuJDfLN-a2_L4kzEvbNIPXrWj6wlVSnA2Zm7q3NgXdKfMZs6iCIMZlWsqhuh-SjMr2snaVrkQzCZklb9NQupwnQqEhBpdKsneNB4xXl0VGFKNywMY0MxkqLeBm4klyHivyGTZLO7nWu0rYfDThf7vZgS6twBlzF0k3iMkKG_-fTtXcOk5ba-Qc6sNPWEZkZPAkyb6rACmQBM0bQWpR1crAHQLQrcZwxa2hQdwpv74wKvXNCSl3qp4-eTAYGGga5DsVbQag2Diaq7JVg2H9SWiLq-EvJSZw-PRKxntjFOQKh4ihgDCWVFUTSJP07_034AjuuRdRmN2vI0HqD6wVI84o2u_J-ZiXjN9FVoabP7BEy6OIvmJG4PU-Djka1iS0wNnLVKAzsSx-RXgIxovWJrFQmnaj14BFZKxBOiOEEhhT4Mi0VQXUlNdUSI7K_F3FJfswX7aDmDvg5-hv2_A4XR8UUGw52qi4bZByYlBoWD5Cra4AOvuC8JpkFOjCl3xIyyU3JkdAh66GP1uYKAHXMJcG-Cg3OWcI1aJALCAJESfwLcrhnOlwRfl0c1YAEyTWAwRwDXL5K0W2f-6q6CLqc36l1mNrL726DBYL_xGE_bIGM5IuFoLUwvgJwcqBXyVUnJZukieTJM0MXAGNv7uUUXX7hSLUs4BlFaimlT08eYl73f_pa8N0DCkqiafmqEHsWa1_0xpLxMiz2-pS9Yo9xX-QQUjZt4GRoDMUFgMszU7TUSBvBH4gslvoCtu7xSEOwszTrM0T1NoeLAJU8R0YWU09Him7voEexXwqbXZMs6WbtidQzqlzjswu6PFHkWevcE9DRy3GU0cOcCzLlo5rwNqovUOOLETm8Le8emTqEfn6DAXatRvse5UdcVfc6Rc_ICtI93bu2LZBGWti7PMa9eU7dvzjwtxRvdDLoo&sai=AMfl-YQMdWQIWisEougwvTXhsaNb74S4-nWE0lpbIgWzNnHWQgx9SJ-ctq60gBsRKktaRCKBGQjV3YkX5fs5OAziQXm9eY6EGBQYU9bg4yUj9pPUW_F8W1B6RiqfG8gTPWWju0haCtvka_FW2opwsg48TGiBGCeQYuTWZVtRgD-ieNx_MjwqsCiWZLVujhBWSG5OnN0M8dsI4M8Mjk7qY_FQilUMsqPKbQ_rcLvA9cuIUCBb_2gJV2KV_p04_u6Pbq4GXftjlU0P7sbbsnzkHhrgf6IIpWDT1tLdjonu&sig=Cg0ArKJSzBr2nvpzxvwLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=347&vt=11&dtpt=196&dett=3&cstd=143&cisv=r20230216.25295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:42 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame 2170	1 KB 903 B	121ms 30ms	Script text/javascript	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_951180533913&jsTagObjCallback=__tagObject_callback_951180533913&num=6&ctx=15911784&cmp=198000&plc=6985912&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=951180533913&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=110&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&aUrlD=-1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETar9EEADTbpTauTaufe%60ba5gcbc%6074f657_574%607ffe6g32%60h%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETauDE%40CJTaucgc%60dffhTau25G2%3F465%5C3%3AE4%40%3A%3F%5C492%3A%3F%5C%40A6%3FD%5C4CJAE%40%5C%3E%3A%3F%3A%3F8&dvp_exetime=7.90&callbackName=__verify_callback_951180533913 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash dc73d7512d045f33552a5fc88430361ac9738231224f7698f0615859f019a07e Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 01:54:42 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Expires 02/21/2023 01:54:42
GET H3	200	bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response pagead2.googlesyndication.com/bg/ Frame 5AF7	36 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 20:13:52 GMT content-encoding br x-content-type-options nosniff age 20450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14287 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 21 Feb 2024 20:13:52 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D62F	0 20 B	57ms 56ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE3rL4nX1Y4GEEMb-7_UP3ZauMAAAAAA4AeAEAg&bg=!ISKlInbNAAZYlHKzeJQ7ADkAdvg8WqJ17EYES-Q_xv2d_AL8pTVMgXvchAYF0rdpENW2nPZkLMCvDK_eGAZ6sE2oabEIrYvk6dgCAAAAeVIAAAACaAEHmQLjPV8slwYvUmjUrsarJCeAO_ux7TIJqUl5LsbcVk6DmifLKa2DZwDPk7QjV9pUSmPDhy2lxJlqhsLvcSb1Df3r7xHKM7G7rra13OOnFfkgLVp2DyAX3tH76058AsNeev9Jy5vX1IJU3BanaQQcLcNyMVbiJeicq9LLlK4syDD_njvxgxaW7XtTm8AB5gVzQawC4dyvC_RSE53zgTaNx0Nhc0ArpbEShg55GnAP5RiJVfqrzT61J3faqa70to7ccCUCSJPUflnp3KDzz1xYCZledlGoyVUQhCbsJh-dSG4xlXv5zfVY614AHo7o_Lbtj-yW18_IKOD2lY61TXHliQvA5jP-JZcmKqvNoYXgpn4kSkSjrvI9mkIsColRTtbOhXuP1eQdsiRenzYinDUDqEEscD7oFrdgCw0f8R2OISVQ5_oPZ-PNTojxeKdxnAwK49bzUmbwyDImEpO8eNeiYEqZn4rwAD1dwtuD09Ev7RQrJalPIamaZnWVU9vXuIOSw-qqTY9sBD4Nd7wYMhKkPy-3q03Pgfcl5VFygl16YziUOVODtyP9BKh3GW6ZlLGOgMyGfAXPPurV7df3ierxrpC90zDWHRmoemnJTMLq-sb_uEqSBb9TWbwPaJz982BSUKBsK6ntGPOHThH8wdSRYBRsvrjGL-LrDXGt0RtuC629H_5B1TZ3SC1PyUiE7BP0ZvUKSz8RLm5wUEjlOYf4HsXz7xg1rjNnQdykOETolPcvCciDeuyyooMIuEdpQT3AhnT_wXsYMal1h5XglolyPXMhcsSFGse4TlBvVCXOotKvoeXpyJt6Dfa9O8FPivV_R_pjdga1X_YRZXSRuxcEsCe7WJjmj2JSE4g0TQwMoIw_Mk9fXSdOF9WF7-iqEDd__wxuVEB46kC2DKInau5qILy-4FD_gAMALjGTU3ACW9w1HK_6KbbLULi2OJR801Wx0A0tUuoPclQzMWKxPAfQ0YSIUixXsQ Requested by Host: www.wtnzfox43.com URL: https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 393E	42 B 64 B	102ms 56ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLlg2khDrDbXgmzYc9bwRWAhc5tHIMQUSK32sNYb_dmDsOIA5d7ywoaHWqxu8RBK0H7WdsLbQM2qt5NSOqZmv32R1cHFsQ4RY_hosst414R0QDyLf8&sig=Cg0ArKJSzP1kiZDwiPNGEAE&id=lidar2&mcvt=1011&p=159,436,249,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3085882104&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677030881644&rpt=151&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	bsevent.gif rtbc-eu3.doubleverify.com/ Frame 2170	0 234 B	65ms 22ms	Ping text/plain	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=c1075fd56b384621bac1b6af1aad311a&vfdur=122&cbust=1677030882811975 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Wed, 22 Feb 2023 01:54:42 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 02/21/2023 01:54:42
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 2170	16 KB 7 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:09 GMT content-encoding gzip x-content-type-options nosniff age 33 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6883 x-xss-protection 0 last-modified Wed, 15 Feb 2023 19:52:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Wed, 22 Feb 2023 02:54:09 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5AF7	0 20 B	58ms 57ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvFCI4nX1Y7PZIvqVjuwPy9ydoAEAAAAAOAHgBAI&bg=!_P-l_6vNAAZYlHKzeJQ7ADkAdvg8WkiiJOId04d1iOwczxR-XTxdtLqv-heXKFdknz7jth3wa7un8u5Qv8tq0HyIU51Ph3Hpxp8CAAAAXFIAAAACaAEHmQLq2wk21hVQPq3qJQJiOOPoKuYIHTk0UjPE_xZp69qi_JOZSnpx6m2euUReYkAMXpQt7PjQ3hp8G_b2YBnTYRU3KOaK5lbskjFS4VmKbRAx1NbIdCQH-ab5dBkqVl6MRE7HEqSWQPMFwSYHJCNmJPh66yfMF3z2hUPgM6-8OuLC5XbZWYWriv_Km8oT6Fa_YVR2Bv7pafNwsuhx_6dc_YolSE83Oiz7JcE3OGjMw4hjXGK2pvwnlhES_SGS9b8hmAt8nHXqSXPAmul2u--dlcP95L0Rth9aMjSRV7HmNVmYES5HQniK9CwiFwmBXDTtcjRxnj_cMFBHYrYQYJupA2caIcs6AmHjf3clkwyX56ff7OgEulYgs_gxnqsRRJnCBgdYl6JtMRU2SYzSUJeRNlD-14IixQUUgtPkt8gvU-EcphCzubnu_PoLdKjj88cPjP6owGQ5ehj3lI5ON9jIWqHahJ20jn5A3nqEQ0WS1ISICVWthX_plxVRHkLB2-U7q7EFIVueeBKulAG0vL6LSSitHzRgu_nBZXhNSDqgluXpxW82LrNJVPn4wI0W93fPXHxGhrwoS2TWMb0zPOCJMYA121JXsff2q1HDXFQ0TWY6Vd1AZhYCcdLT9BlHNWNe8OoqVul381MiF9nAx_yBVAIcu8SzXjy-0TY22Tj_hYvV3xuAoiYNgiYQRiqYllQ1jJJGAiEKE2Sj_WaLmyjUQIoziL62VZQAFia0w8plI5CQS-3RhvQEHDunVn3gNQznrwSFxgAj5QOUBSDf3tgDty4OpGPXgxcOofIASITmDlX53FSVHeA9t9TRZvSrODLdiQU5IeqyKjk-oZ7SNz3JFsnXzJBV3b-3rD1klxXQ_Xb2R9WvHq1pGVJqy4jo01AmEEKvQlOXYwF5aUjaODPut2xTFl1W2xzYa0CewjxGsGmTlDByRhrUSieie3bo5EWrjm0ZVIwQZjNloq5O8keLLFqlWFcOYObbMuX5gcA Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	impl_v95.js Show response www.googletagservices.com/dcm/ Frame 2170	60 KB 23 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v95.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 16:22:50 GMT content-encoding gzip x-content-type-options nosniff age 552712 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23368 x-xss-protection 0 last-modified Mon, 13 Feb 2023 18:47:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 15 Feb 2024 16:22:50 GMT
GET H2	200	B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=3395800993;ord=u7p7d5;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crl... Show response ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 2170	55 KB 26 KB	123ms 59ms	Script text/javascript	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=3395800993;ord=u7p7d5;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=BfF21vQ)b8;stc=1;chaa=1;sttr=34;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v95.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash 474b49b592163f86e568065c9cdcca16ff1e09139b2f41e1ac55b510b2ca7e2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:42 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26195 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame 2170	8 KB 3 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=3395800993;ord=u7p7d5;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=BfF21vQ)b8;stc=1;chaa=1;sttr=34;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:11:08 GMT content-encoding br x-content-type-options nosniff age 9815 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2986 x-xss-protection 0 server cafe etag 3296546412363819624 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Mar 2023 23:11:08 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 2170	0 0	58ms 58ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVInlhyEamy7frGS88b4Y2EG9bDvsJhmTEZwSggEzhaKrw_d4c0oeyLLg6iGYZq9CCevsmMQB-nihjiRtMnU7aS2GkFX1adzuvnFmGwhA_jBcA41k4w4Nje9QTyL-4CxvzKKJJeY2zCwRuAf8FFiIf3AVfeFUA1ne3wQ&sai=AMfl-YTOuy3TEuyAtNRhd3NuKeM0L_YiEdfbwqs8hE7vPa0EZzQdMX2S85L4Z_LGRcnZpM_YFXf4lOmlkEliBnQ2_zQsjJXqXnc6HNMwrQ&sig=Cg0ArKJSzHL8U8ODet6BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230216.03069&arae=0&ftch=1&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=3395800993;ord=u7p7d5;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=BfF21vQ)b8;stc=1;chaa=1;sttr=34;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:43 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:43 GMT
GET H3	200	2418735279377567735 s0.2mdn.net/simgad/ Frame 2170	47 KB 47 KB	21ms 20ms	Image image/jpeg	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/2418735279377567735 Requested by Host: 76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com URL: https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Fri, 17 Feb 2023 10:56:36 GMT x-content-type-options nosniff age 399487 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48252 x-xss-protection 0 last-modified Thu, 26 May 2022 20:28:04 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 17 Feb 2024 10:56:36 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame BDBB	22 KB 8 KB	21ms 21ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 290482 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 18 Feb 2023 17:13:21 GMT expires Sun, 18 Feb 2024 17:13:21 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 2170	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d268042b77dcec220848fca7d4c5f85e3b10190d529a580c190c7db86151549a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 2170	0 0	59ms 59ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVInlhyEamy7frGS88b4Y2EG9bDvsJhmTEZwSggEzhaKrw_d4c0oeyLLg6iGYZq9CCevsmMQB-nihjiRtMnU7aS2GkFX1adzuvnFmGwhA_jBcA41k4w4Nje9QTyL-4CxvzKKJJeY2zCwRuAf8FFiIf3AVfeFUA1ne3wQ&sai=AMfl-YTOuy3TEuyAtNRhd3NuKeM0L_YiEdfbwqs8hE7vPa0EZzQdMX2S85L4Z_LGRcnZpM_YFXf4lOmlkEliBnQ2_zQsjJXqXnc6HNMwrQ&sig=Cg0ArKJSzHL8U8ODet6BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&vt=11&dtpt=75&dett=2&cstd=0&cisv=r20230216.03069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=3395800993;ord=u7p7d5;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=BfF21vQ)b8;stc=1;chaa=1;sttr=34;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:43 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 01:54:43 GMT
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/ra-5df7946c3ca1934d/	2 KB 859 B	96ms 87ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/ra-5df7946c3ca1934d/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software / Resource Hash 5a79c9c881a501568df71e355b7dc09e93cf7f9695952e58636c998f8a914d0a Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:43 GMT content-encoding gzip etag -1453869967--gzip vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control public, max-age=10, s-maxage=86400 content-disposition attachment; filename=1.txt content-length 682
GET H2	200	300lo.json Show response m.addthis.com/live/red_lojson/	89 B 249 B	186ms 144ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://m.addthis.com/live/red_lojson/300lo.json?si=63f575e14484d0cc&bkl=0&bl=1&pdt=1801&sid=63f575e14484d0cc&pub=ra-5df7946c3ca1934d&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.wtnzfox43.com&fp=story%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1677030883120&jsl=1&uvs=63f575e1c88b68c7000&skipb=1&callback=addthis.cbs.jsonp__51400103718466460 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software / Resource Hash ec8a19853a6ad4400b74ea8a66fafc235959c144aab52197469185f982cecd83 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:43 GMT cache-control max-age=0, no-cache, no-store, no-transform content-disposition attachment; filename=1.txt content-length 89 content-type application/javascript;charset=utf-8
GET		sh.f48a1a04fe8dbf021b4cda1d.html s7.addthis.com/static/ Frame D5CE	0 0
GET H2	200	sh.f48a1a04fe8dbf021b4cda1d.html Show response s7.addthis.com/static/ Frame 321D	71 KB 26 KB	58ms 58ms	Document text/html	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.wtnzfox43.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=86313600 content-encoding gzip content-length 26421 content-type text/html date Wed, 22 Feb 2023 01:54:43 GMT etag W/"5f971164-11adc" last-modified Mon, 26 Oct 2020 18:11:48 GMT p3p CP="NON ADM OUR DEV IND COM STA" server nginx/1.15.8 strict-transport-security max-age=15724800; includeSubDomains timing-allow-origin * vary Accept-Encoding x-host s7.addthis.com
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	36ms 36ms	XHR application/json	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f7c7d06928aaa26a8ef213779f797c5fbd74d40a4b057b12f0bc50d10a9c2471 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:43 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11136 x-xss-protection 0
GET H3	200	7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response pagead2.googlesyndication.com/bg/ Frame BDBB	36 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 13:19:29 GMT content-encoding br x-content-type-options nosniff age 45314 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14233 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 21 Feb 2024 13:19:29 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 01:54:43 GMT
GET H2	200	layers.fa6cd1947ce26e890d3d.js Show response s7.addthis.com/static/	263 KB 76 KB	26ms 26ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip date Wed, 22 Feb 2023 01:54:43 GMT last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-41cf5" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 x-host s7.addthis.com timing-allow-origin * content-length 77617
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C958	13 KB 5 KB	26ms 25ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.wtnzfox43.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 15278 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 21 Feb 2023 21:40:05 GMT expires Wed, 21 Feb 2024 21:40:05 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CBA2	783 B 1 KB	88ms 34ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7d33368ba309eac5c941c6f8364b65aea64bf3c0310c6e2f38b755fa2132cc59 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-oMa0P-VULtdMxAAlRw6QWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.wtnzfox43.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-oMa0P-VULtdMxAAlRw6QWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 01:54:43 GMT expires Wed, 22 Feb 2023 01:54:43 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	shares-post.json Show response api-public.addthis.com/url/serviceapi/	2 B 300 B	199ms 182ms	XHR application/json	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.wtnzfox43.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-type text/plain Response headers strict-transport-security max-age=15724800; includeSubDomains date Wed, 22 Feb 2023 01:54:43 GMT surrogate-key sFbt=https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining last-modified Wed, 22 Feb 2023 01:00:00 GMT server nginx/1.15.8 content-type application/json access-control-allow-origin https://www.wtnzfox43.com cache-control no-transform, max-age=0, s-maxage=14400 access-control-allow-credentials true content-length 2
GET H2	200	shares.json Show response api-public.addthis.com/url/	33 B 324 B	213ms 197ms	Script application/json	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&callback=_ate.cbs.rcb_cyap0 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 089a599d761bd0ff5f8148a95bdf86e9248805b862063ba0973bb1d37956ab3c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip surrogate-key www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining last-modified Wed, 22 Feb 2023 01:54:43 GMT server nginx/1.15.8 date Wed, 22 Feb 2023 01:54:43 GMT vary Accept-Encoding content-type application/json cache-control no-transform, must-revalidate, max-age=0, s-maxage=3600 content-length 53
GET H2	200	shares.json Show response api-public.addthis.com/url/	33 B 324 B	211ms 195ms	Script application/json	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.wtnzfox43.com%2Fstory%2F48415779%2Fadvanced-bitcoin-chain-opens-crypto-mining&callback=_ate.cbs.rcb_5kcy0 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash c34fec430d680e24d257182488128a793f342f69f38a46eb229e76d4f47d6565 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip surrogate-key www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining last-modified Wed, 22 Feb 2023 01:54:43 GMT server nginx/1.15.8 date Wed, 22 Feb 2023 01:54:43 GMT vary Accept-Encoding content-type application/json cache-control no-transform, must-revalidate, max-age=0, s-maxage=3600 content-length 53
GET DATA	200 OK	truncated /	443 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H3	200	bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response pagead2.googlesyndication.com/bg/ Frame C958	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 20:13:52 GMT content-encoding br x-content-type-options nosniff age 20451 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14287 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 21 Feb 2024 20:13:52 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CBA2	0 0	54ms 54ms	Image text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=1751001215231520&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BDBB	0 20 B	57ms 57ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bem5O4nX1Y4HpOqyrx_APt5C_GAAAAAA4AeAEAg&bg=!0dKl0obNAAZYlHKzeJQ7ADkAdvg8WrWsysZGqgcXDyZ3Rn4Vf5RGFTHUcjOov7wx_qkANOngDdDIBz7WpetvOXcdiLgTbzvnOm0CAAAAuVIAAAADaAEHCgB8iLAvCzUmqwJpa0E7tqGUrBLYOvNliPNAgyCeUheNRRRKPAk-u7EtECqHALz8tIQ7ElgbxG-g-5LLeHwYyahvzlyo-Vzgz20YJrgLozrAo3wmrXY2k1F3mk60dOHTkN27S-w-8nCNJXErq_tUL8I1vqPqrnpLs1sHWRGh1JkC6SaNmzOgqvjRdkwkelkmsK4iEe7krozeNAdknM8SA2b0MnSpOGmi7yx_Xbpu6ZCnZrlY8SyNOORABUVLegsDMWvGjF3fGcZ6I5LZoQQlxSVLpSeOuKZKtQLMhJR7rp_qgA5ZnKxKECcbsHUBSGH7J32jiohRwbhYleDWdq2o6aAF8rck7McVbBzxi3icw4fRo7fNcyor3KA7PoslKLaDfne2J_5lu779LfeeFrrXTOEpnT9Ul3fUK5iCPF4aJ3tW28UzD3ncHKazNfgRAsW6hQj71IpA48gA_D7Ee4uw8HhpE9FqTWyYt-Ak879WO4kpVoT4zOimzEFV_CDJn85hw3O7DHDkjT6bjxu05COzzeJ3kSVfZqEy70zz2zxKqZ4qMbYxnOg_TOw5U2vTikQQfpeXoeSQJLYPOkzqTnuUvu3cogmI9b8EAQBRRy_Y2W9zyDpeZBgSZxRZ6WcNmD5nGbT2Lt1v2cv_Af_pqyWkSStv3GRP-WNaGOPdADn3JvL9BRezj_2kWIpbPCwRqV_EId_XXFtKFg6vsm4j2MiR72koV8W1cThkfu91QHd_gpSiB53Bxyxh2fiYP0dhp_cpsryT9B6vDTirYhCYkHDqoYoMYS89cFdO0sOesWDbqedVqnE6_Pn4_9nAKNB3TFSlXuNGanc_U7XCviQ_mg2A0ml-oZFmFCjWMBwQtpi6veX1Nn58cYU2U6T3g2P3Dn2PZLyED3cS4FggmkI4Sab5QuZCnO0rs_6XhoVTZPDllxZOtFQayRGhDxQbsQqVFpAYwAzPZuiwDDHHuVsnWJwckI-_qKLpIoBHW95E3pVH6dsR5d39NflUshGLlLWyQLLUTw2LoH1IMqk9lVgKfl8g8CRNdgggIqwtDDJzQFqqQXL9K7pQUTv22Z_3ZHKcoKSrNpMG0i-Ia_4gALZv07nY8NMId8g2Hn6hitbCXTLTmvaIUfBWNwFFKY48FjYtitIA8jgXYxIKnOZwU8I Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C958	0 10 B	21ms 21ms	Image text/plain	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?VQGkQQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:43 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8DF4	42 B 64 B	61ms 61ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM2_H_uP-4mjwweZw_RUNvG6OCIjv6u3wLZHQViClLAQBY39rQEok45dsVJ4DmeLExbGkPwYxPW4pFmbKp8NaNa97HgSYgjAPpiykRb-ZVb1OrVIi4qzXtB35qtqXHlpoAz3GfZg&sai=AMfl-YS-4O0VZ7a9x_W_uUySg__ax3N1tsqukyvl60gacSygAecNbhFA5cksWhz9GP_9DtLFObRFj5KC8BUuTAhWcw4cbnNGshbd6CNLefhmSKS3pN8fukuidNP4wMjtXNt1cZCPHQjve88Y_lBMSw&sig=Cg0ArKJSzHmxeEAZbFiTEAE&cid=CAQSTADUE5ymx9J_RthbzGpk3cgrAnaU1lIuQzA2p3ZGc65D9JofQI2VZGT6zlOC32v_Ix17eVWlw8PEOJ9ZyeapSJmAi9xy6oCQgtmeovgYAQ&id=lidar2&mcvt=1001&p=993,1449,1033,1490&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4001668881&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677030882078&rpt=294&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:43 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8DF4	0 20 B	56ms 56ms	Ping image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7131051075210&version=m202301230201&ct=76&x=1&cor=11428273821934920000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	58ms 57ms	Image text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=1751001215231520&bg=!bm2lbTnNAAZYlHKzeJQ7ADkAdvg8WuEf_IGP9Nn-Uhf7kV6dLM9bTV2Kowi9qZy5ztCAwH5bFlIbQ9WbuNU2S-J9CqLNmBuIgoQCAAAAV1IAAAACaAEHmQKpgmmnyo8lvSC4HU7A7nVlmgA9q_ds4hn6C8E4tGWGbey0wB488cwantH3rSXLL1qAJ_hztMh1vcAN5iXjM-y2F9eopaKqz9TzVgdJSc2edA6g22Rlfq2ZH8x_RFJvjM-sXUy3NylFBi011e7_6sL4HVN7IOk0A9mu_F2eGl9KdNC65fKs859yN-uAi8dWucDA1LnFUs574Jd08oh4I3EJLSzRoEV_ICQY7lcStQdTU-u42IukKpHP4ucqEi02C4SBo5BIA4bGDiHVI5a8_WbwgeARsdLHsNfYT0Kmi69z3IWjZTWembLau4a1w2PGorE0pZq3NT_o-xQI2exbaactN7UloEDzwJ4BgoXuLjXJ1SrS9BkQSjBzaUcpIC3Am3eZRiZd_3p9K5S1cUDLSdV0ZUQ6-6fJIUPdWuPC_sX_JUEtZtdSWhfx-ylvoK7Sz67ror_gM0IBpZj3iLtVjgo79ZGhyMONfBsifR96o8_hUh1IlQvCm980GOKxp5iAkYpOhUiWjMv5yJmjwkLoIrAa-5WCIRTqami9RufEAfhzN0LHdHnT1bEFBgTCWme1Zwpnm9T5_jd62BYgTp34vcivSblXWOmI9w9FqojsKsIcAsDvpa77psvVzRc7wVmgiXfp7OVSYx3LpynrceKpo0hGNxojbKYiEZvDJ0RtGXmcRo7H4gn_s7Us6xyR-g2sk9bFw9U_Q6C_vZJ5ggacnwbQSsOpdZ4CaqnKQNjhnG3PHJ1khNie1az1Ry-4IEcBlXJKENnRty-lwtZMTiKxDnlrexKgGLIwASyly-wd8Dd1Cvg5t_lgBouMQHj4FvEZ4oqmMsERo9Vy2IRHITDq8c78ZEqU5hycKLY024Bj1yRXIDu-9Nc4-qjqeShITtuPNKfKdIri3B1BCywx Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2170	42 B 64 B	56ms 55ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvZBUfHo3VRYRQfHMwVNZJ7Lq3niWUbuP5cDLcviUb_F4T5A660Gp9MTF4WWY_XT4Vp9JmwSS3fqDVBjp8piFoNLU7rrWK&sig=Cg0ArKJSzNDNFhNn_b2HEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3395800993&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677030882403&rpt=690&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:44 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2170	42 B 64 B	60ms 59ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspsJITF2BFdU_R4iM2x7LPElU-iOWlvpmEN4wKicNLUk-d-EGeZpUrOnWTCDIP_IgGBL1D1zy3J5awnLp3b1y-b9QdhCosd0_JoJu8c9XdtPjxf-R37KKBDgC4&sai=AMfl-YTde0knkLCOuPQRtRDIbkgkrNeh5XnKpghbCDli-qZ849RcQA4e5gKkASOdKOkaxNBD4yVYlnowMc8Vtg8T2HxJM5SRiIpBU10v8TvSQBp50LbhWCmVp4KfBQDMvKP2d0Bgm6YQb9YtigoG&sig=Cg0ArKJSzMKojYj6V2YnEAE&cid=CAQSSwDUE5ymbDRv09ZAnfc78MnrpIikAB6LLwmCKxC9gdfj57E44eQO7_a7iOedtJf0Qea_l9VqosDYOP40zlpJtbEIQ3HAxs8yIozbBhgB&id=lidar2&mcvt=1002&p=313,1190,567,1490&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1896545879&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677030882403&rpt=686&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:44 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2170	0 20 B	55ms 54ms	Ping image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1856355513921&version=m202301230201&ct=77&x=1&cor=7334458504080570000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://76132d84341fc7edf0dfc1f776e8ba19.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 01:54:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	resources Show response www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/	841 B 608 B	391ms 391ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37763 Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69f5676bb5ef01b109749b0ca6a6e0f21a7a446079aeaac33863098351a73d7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-dns-prefetch-control off content-length 458 x-xss-protection 1; mode=block x-response-time 253ms server cloudflare etag W/"349-OxZiJYsoUn4OpVh0VGGC3vnCU+M" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=180 accept-ranges bytes cf-ray 79d41872f92b30f4-FRA expires Wed, 22 Feb 2023 01:57:44 GMT
GET H2	200	26_cloudy_day_night.png ngw-static.franklyinc.com/assets/static/	2 KB 2 KB	32ms 31ms	Image image/png	2606:4700::6812:10d4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ngw-static.franklyinc.com/assets/static/26_cloudy_day_night.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5986fbf89a06e3788ae62c05a8fbe38cac3034377a9602bdab3c651c7a19eb9e Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:44 GMT cf-cache-status HIT x-amz-request-id PQWHJGRRZ992DXTM age 2642 content-length 1983 x-amz-id-2 GnnGJZzFJBnCMbRMipFPrM2m83LADJcOb3DB/UrfEntGbBoeldRtLwrF29pMleBfhL6a5FbXKjE= last-modified Tue, 03 Mar 2020 16:09:54 GMT server cloudflare etag "febd94620a53d84f3d864c9cf5526544" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 79d418730bba5b74-FRA expires Wed, 22 Feb 2023 05:54:44 GMT
POST H/1.1	204 No Content	event.png tpsc-eu3.doubleverify.com/ Frame 5564	0 234 B	70ms 22ms	Ping text/plain	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpsc-eu3.doubleverify.com/event.png?impid=5b6b3ee40eee43b28e06c016aa41deac&flavor=0&gdpr=&gdpr_consent=&vdur=113&eoid=14&msrjs=3536&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=156&tetms=8&msltms=92&vltms=113&sei=289&vetms=16&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8648&msrcannum=4&ismms=42&isumms=41&nvr=6&isgmmims=42&isgmv4mims=42&elmtp=3&isbxdms=3042&b11=3199&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&lftb=3199&sftb=3199&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=951&isuiabvms=951&isgmpims=41&isgmv4dpims=951&ispmxpms=951&engalms=40&dvp_hdnAd=0&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3161&cbust=1677030885087414 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements3536.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.wtnzfox43.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Wed, 22 Feb 2023 01:54:45 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 02/21/2023 01:54:45
GET H2	200	resources Show response www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/	853 B 613 B	197ms 196ms	XHR application/json	2606:4700::6812:1e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37738 Requested by Host: ngw-static.franklyinc.com URL: https://ngw-static.franklyinc.com/assets/10775/app-5b9f93f28db5b7224e66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0576a801582b43d70c714c959a7491077a218260addd38ed3412f3e717669e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://www.wtnzfox43.com/story/48415779/advanced-bitcoin-chain-opens-crypto-mining accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:54:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-dns-prefetch-control off content-length 465 x-xss-protection 1; mode=block x-response-time 49ms server cloudflare etag W/"355-2elTkoFqtx2n/T0zSdTnPI26LFk" x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=180 accept-ranges bytes cf-ray 79d41885b97b30f4-FRA expires Wed, 22 Feb 2023 01:57:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s7.addthis.com

URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html